Critical 9.3 Severity LangChain Serialization Flaw Enables Secret Theft
A critical vulnerability (CVE-2025-68664, CVSS 9.3) was disclosed affecting the LangChain open-source LLM framework, allowing attackers to steal sensitive data...
A high severity vulnerability (CVE-2025-14847, CVSS 7.5/8.7) was disclosed affecting MongoDB Server across a wide range of versions, allowing attackers...
A critical vulnerability (CVE-2025-68613, CVSS 9.9/10.0) was disclosed affecting the n8n workflow automation platform, allowing attackers to execute arbitrary code...
Following the previously disclosed React2Shell remote code execution vulnerabilities (React: CVE-2025-55182, Next.js: CVE-2025-66478, CVSS 10.0), additional security issues were identified...
The Orca Research Pod has spent all year investigating cloud security. Billions of cloud assets scanned. Hundreds of thousands of...
A critical vulnerability was announced today affecting React Server Components (RSC), which affects React (CVE-2025-55182) and all frameworks using RSC,...
TL;DR This is the second time a malicious campaign - codenamed Shai‑Hulud - has been detected targeting the npm ecosystem....
The OWASP Top 10 2025 release candidate is here, marking an important milestone in the evolution of application security best...
In Part 1 of this blog series, we learned about GitHub Actions and their risks—now comes the fun part. It’s...