The Hacker News

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The ...
bitnewsbot

Critical OS Command Injection Flaw Found in React Native CLI

A critical security weakness was discovered and patched in the popular @react-native-community/cli package, which supports developers building React Native mobile apps. The vulnerability could let ...
Bleeping Computer

TP-Link warns of critical command injection flaw in Omada gateways

TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands. Omada gateways are marketed as full-stack solutions ...
GitHub

An OS Command Injection vulnerability affecting Station...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
CSOonline

Chaos-Mesh flaws put Kubernetes clusters at risk of full takeover

Four newly discovered vulnerabilities in the fault simulation platform can lead to OS command injection and cluster takeover, even from unprivileged pods. Researchers have found critical ...
Dark Reading

CISA Warns N-able Bugs Under Attack, Patch Now

The Cybersecurity and Infrastructure Security Agency (CISA) added two N-able vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog this week, but, thankfully, a fix is available now.
Metal Injection

Here's How To Watch OZZY OSBOURNE's Public Funeral Procession

Original Story: The city of Birmingham, United Kingdom, is preparing to say a final and heartfelt farewell to one of its most legendary and beloved sons: Ozzy Osbourne. A public tribute procession ...
CSOonline

Misconfigured MCP servers expose AI agent systems to compromise

Hundreds of Model Context Protocol (MCP) servers used to link LLMs to third-party services, data sources, and tools include default configurations that could expose users to unauthorized OS command ...
Crowdfund Insider

Regtech Fenergo Introduces FinCrime Operating System with Agentic AI Layer to Boost Productivity

Fenergo has launched its FinCrime Operating System (OS), which is described as an evolution of its existing solutions to become the single unifying platform across the Client Lifecycle. It leverages ...
Mobile ID News

SonicWall Warns of Active Exploitation of Critical SMA VPN Vulnerabilities

SonicWall has issued alerts regarding two critical vulnerabilities in its Secure Mobile Access (SMA) appliances that are being actively exploited. The vulnerabilities, designated as CVE-2023-44221 and ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...