Critical vulnerability in automation tool: n8n allows code smuggling

The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should ...
InfoWorld

GitHub rolls out AI-powered fixes for code vulnerabilities

Copilot Autofix, a new addition to the GitHub Advanced Security service, analyzes vulnerabilities in code and offers code suggestions to help developers fix them. GitHub has unveiled Copilot Autofix, ...
The Hacker News

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA warns that hackers are actively exploiting a high-severity flaw in Gogs that can lead to remote code execution; no patch ...

zlib: Critical vulnerability in untgz tool allows code smuggling – no update yet

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.

OWASP Names Latest Top 10 Application Vulnerabilities

The Open Worldwide Application Security Project (OWASP) has unveiled its latest top 10 vulnerabilities list, and it contains ...
TechCrunch

GitHub’s latest AI tool can automatically fix code vulnerabilities

It’s a bad day for bugs. Earlier today, Sentry announced its AI Autofix feature for debugging production code and now, a few hours later, GitHub is launching the first beta of its code-scanning ...
The Hacker News

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet patches a critical FortiSIEM vulnerability (CVE-2025-64155) that allows unauthenticated remote code execution via ...