The Hacker News

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A critical flaw in legacy D-Link DSL routers lets unauthenticated attackers run commands and hijack DNS, with active ...
SDxCentral

CISA warns critical HPE OneView bug is in the wild and being exploited

A bug in the software-defined infrastructure management platform HPE OneView allows for remote code execution by threat ...

New Veeam vulnerabilities expose backup servers to RCE attacks

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical ...
The Hacker News

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

CVE-2026-21877, a critical authenticated RCE flaw with CVSS 10.0, fixed in version 1.121.3 after affecting earlier releases.

This critical severity flaw in D-Link DSL gateway devices could allow for remote code execution

Earlier this week, security researchers from VulnCheck announced finding a command injection vulnerability due to improper ...
SecurityWeek

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Threat actors are exploiting CVE-2026-0625, a critical zero-day vulnerability in discontinued D-Link devices for remote code ...
CSO Online

Critical RCE flaw allows full takeover of n8n AI workflow platform

A compromised n8n instance doesn’t just mean losing one system — it means handing attackers the keys to everything,’ security ...
Dark Reading

Maximum Severity HPE OneView Flaw Exploited in the Wild

Exploitation of CVE-2025-37164 can enable remote code execution on HPE's IT infrastructure management platform, leading to ...
Bleeping Computer

Hackers exploit critical RCE flaw in Bricks WordPress site builder

Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. The Bricks Builder Theme is a premium ...