CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors increasingly rely on lightweight, stealthy ...
CSO Online

Critical bug in popular vm2 Node.js sandboxing library puts projects at risk

Sandbox escape vulnerability in vm2, used by nearly 900 NPM packages, allows attackers to bypass security protections and ...