New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
The Hacker News

Phishing Attack Uses Stolen Credentials to Install LogMeIn RMM for Persistent Access

Researchers uncovered a two-stage phishing attack stealing email logins to install LogMeIn Resolve RMM for persistent, hidden ...

How “Bitcoin Jesus” Avoided Prison, Thanks to One of the “Friends of Trump”

The post How “Bitcoin Jesus” Avoided Prison, Thanks to One of the “Friends of Trump” appeared first on ProPublica.
SecurityWeek

Fresh SmarterMail Flaw Exploited for Admin Access

Threat actors started exploiting a SmarterMail authentication bypass flaw for remote code execution only days after patches ...