SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
InfoQ

Microsoft Releases Azure Functions Support for Model Context Protocol Servers

Microsoft has launched its Model Context Protocol (MCP) for Azure Functions, ensuring secure, standardized workflows for AI ...
winbuzzer.com

GitHub Copilot CLI Gains Specialized Agents, Parallel Execution, and Smarter Context Management

GitHub has released version 0.0.382 of its command-line assistant from single-threaded helper to orchestrated multi-agent system, betting that parallel workflows will accelerate development. GitHub ...
GitHub

Model Context Protocol (MCP) Curriculum for Beginners

The Model Context Protocol (MCP) is a cutting-edge framework designed to standardize interactions between AI models and client applications. This open-source curriculum offers a structured learning ...