n8n security woes roll on as new critical flaws bypass December fix

Patch meant to close a severe expression bug fails to stop attackers with workflow access Multiple newly disclosed bugs in the popular workflow automation tool n8n could allow attackers to hijack ...
The Hacker News

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.
The Caledonian-Record

MintMCP Launches Enterprise Governance Platform for AI Agents and MCP Servers

MintMCP today launched its enterprise governance platform for AI agents and MCP servers, enabling teams to deploy, monitor, and secure agent infrastructure at scale. The platform enables organizations ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
Cyber Daily

Hacked: New SmarterTools SmarterMail vulnerability exploited in the wild

The US cyber agency adds a new SmarterMail vulnerability to its known exploited list, alongside a React Native Community CLI ...