SecurityWeek

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.

Chrome's AI Extensions Flagged for Data Harvesting in 2026—With Surprising Names

New research by Incogni reveals that over half of AI-branded Google Chrome extensions are harvesting user data.
SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.
The Hacker News

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.
Amazon S3 on MSN

Disable this risky browser setting on all browsers immediately

Disabling JavaScript just-in-time (JIT) compilation optimizations in web browsers reduces the risk of zero-day exploits ...
InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just ...
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...