CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra ...

A weakness in the configuration of OAuth credentials opens up a stored XSS vulnerability in the n8n automation platform, ...

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive information.

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s security. This finding highlights the core risks of ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...

A high-severity Chrome vulnerability has allowed malicious extensions to exploit the Gemini panel and gain elevated access to ...

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.

Surf AI, the agentic operations platform for modern security teams, today announced its launch and $57 million in funding to accelerate the development of its AI-native security execution offerings.