The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
SecurityWeek

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.
InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.

Kilo CLI 1.0 brings open source vibe coding to your terminal with support for 500+ models

Conversely, Kilo CLI 1.0 utilizes the MIT-licensed OpenCode foundation to deliver a production-ready Terminal User Interface (TUI) that allows engineers to swap between 500+ models.