Infostealers added Clawdbot to their target lists before most security teams knew it was running

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed ...
SecurityWeek

N8n Vulnerabilities Could Lead to Remote Code Execution

Two vulnerabilities in n8n’s sandbox mechanism could be exploited for remote code execution (RCE) on the host system.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
The Hacker News

SolarWinds Fixes Four Critical Web Help Desk Flaws With Unauthenticated RCE and Auth Bypass

SolarWinds fixed six Web Help Desk vulnerabilities, including four critical flaws that allow unauthenticated remote code ...

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
Dark Reading

China-Backed 'PeckBirdy' Takes Flight for Cross-Platform Attacks

In two separate campaigns, attackers used the JScript C2 framework to target Chinese gambling websites and Asian government ...