Open Source
Critical vm2 sandbox bug lets attackers execute code on hosts
A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. The security issue is tracked as CVE-2026-26956 and has been confirmed to impact vm2 version 3.10.4, although earlier releases may also be vulnerable. Proof-of-concept (PoC) exploit code has been published. In the security […]
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers’ servers. Exploitation started in early February, before the security issues were disclosed publicly at the end of the month, according to researchers at cloud-native application security company Snyk. Qinglong is a self-hosted open-source time management platform […]
Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw
Hackers are targeting sensitive information stored in the LiteLLM open-source large-language model (LLM) gateway by exploiting a critical vulnerability tracked as CVE-2026-42208. The flaw is an SQL injection issue that occurs during LiteLLM’s proxy API key verification step. An attacker can exploit it without authentication by sending a specially crafted Authorization header to any LLM […]
Trivy supply-chain attack spreads to Docker, GitHub repos
The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company’s GitHub organization to tamper with dozens of repositories. This follows the threat actor compromising the GitHub build pipeline for Trivy, Aqua Security’s scanner, to deliver infostealing malware in a supply-chain attack that extended to Docker Hub over the […]
Betterleaks, a new open-source secrets scanner to replace Gitleaks
A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. Secret scanners are specialized utilities that scour repositories for sensitive information, such as credentials, API keys, private keys, and tokens, that developers accidentally committed in source code. Since threat actors often scan configuration files in […]
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. Last month, GeekFeed reported on an AI-assisted hacking operation that compromised more than 500 FortiGate devices in five weeks. The threat actor behind this campaign used […]
New tool blocks imposter attacks disguised as safe commands
A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. Available on GitHub and also as an npm package, the tool works by hooking into the user’s shell (zsh, bash, fish, PowerShell) and inspecting every command the user pastes for execution. The idea […]
Critical n8n flaws disclosed along with public exploits
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server. Collectively tracked as CVE-2026-25049, the issues can be exploited by any authenticated user who can create or edit workflows on the platform to perform unrestricted remote code execution on the […]
Viral Moltbot AI assistant raises concerns over data security
Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation history, and credentials. Moltbot is an open-source personal AI assistant with deep system integration created by Peter Steinberger that can be hosted locally on user devices and integrated directly with the user’s […]
New sandbox escape flaw exposes n8n instances to RCE attacks
Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host. Identified as CVE-2026-1470 and CVE-2026-0863, the vulnerabilities were discovered and reported by researchers at DevSecOps company JFrog. Despite requiring authentication, CVE-2026-1470 received a critical severity score of 9.9 out of 10. JFrog […]