The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
PCMag

Cyber Fidget Is Part Fidget Toy, Part Educational Hacking Tool, and I Want One

What happens when you combine an Arduino-based microcontroller with a palm-sized aluminum box and clicky buttons? A fidget ...

Malicious Chrome extensions caught stealing sensitive data

Chrome extensions called "Phantom Shuttle" stole user data for years before Google removed them from the Chrome Web Store ...

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...

VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, ...