CSO Online

Critical flaw in HPE Aruba CX switches lets attackers seize admin control without credentials

Unauthenticated password reset vulnerability in widely deployed enterprise switching hardware carries a near-maximum severity score.
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
CSO Online

CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws

Patched vulnerabilities in Ivanti Endpoint Manager and Cisco Catalyst SD-WAN are under attack, according to the US security agency, which added reporting requirements to its previous Cisco directive.
GovInfoSecurity

Context7 Flaw Let Attackers Slip Commands to AI Agents

Security researchers at Noma Labs found a critical flaw in Context7, a widely used tool that feeds AI coding assistants documentation, allowing attackers to plant ...

Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.
Healthline

What to Know About the Amino Acid L-Carnitine

L-carnitine, a naturally occurring amino acid derivative, plays a vital role in energy production by transporting fatty acids into cells’ mitochondria. While L-carnitine supplementation may aid in ...