The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
Bleeping Computer

New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the ‘PhantomRaven’ supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. The campaign ...
Computer Weekly

Iran war a melting pot for other cyber threats

State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts.
BBC

Starmer was warned of 'reputational risk' over Mandelson's links with Epstein, files show

We're moving away from the files quickly as we've just had a response to to the release from Ed Davey, the Liberal Democrat leader. "It’s astonishing Mandelson received a payout even after his ...
InfoQ

Webpack Publishes 2026 Roadmap with Native CSS Support, Universal Target, and Path to Version 6

Webpack's 2026 roadmap, led by Even Stensberg, unveils substantial enhancements aimed at modernizing the bundler. Key features include native CSS module support, universal compilation for various ...
BBC

First set of files relating to Mandelson's appointment as US ambassador released - live updates - BBC News

One document included in this drop, dated to 11 December 2024, is labelled "Advice to the Prime Minister", titled "HMA Washington" and marked "official sensitive". It appears to show some of the steps ...