Category: Security
Cybersecurity Threat Advisory: AdonisJS Bodyparser vulnerability
A severe security flaw has been identified in the @adonisjs/bodyparser npm package, a core component of the AdonisJS TypeScript-first web framework. Tracked as CVE-2026-21440, the vulnerability stems from a path traversal issue in the multipart file handling mechanism. If exploited,...
Cybersecurity Threat Advisory: Critical n8n vulnerability
A severe vulnerability, tracked as CVE-2025-68668 with a CVSS score of 9.9, was recently discovered in n8n, an open-source workflow automation platform. The flaw enables authenticated users with create or modify workflows permissions to execute arbitrary system commands on the...
Cybersecurity Threat Advisory: Critical vulnerability in IBM API Connect
A newly disclosed security vulnerability, CVE-2025-13915, affects IBM API Connect. This flaw could allow a remote attacker to bypass authentication and gain unauthorized access to applications. Review this Cybersecurity Threat Advisory for steps to mitigate your risk. What is the...
Cybercrime in 2026: Faster, smarter and fully industrialized
Cybercrime is no longer a loose collection of hackers, tools and opportunistic attacks. As we move into 2026, it has matured into a highly industrialized ecosystem—complete with specialization, automation, affiliate networks, and even cartel-like business models. The result is a...
Expert reflections: Top cybersecurity trends of 2025
As 2025 comes to a close, cybersecurity professionals are taking stock of a year shaped by both familiar threats and rising perils. So, what truly surprised security leaders this year—and what can we learn from it? To find out, I...
The 2025 ITRC Consumer Impact Report: A new era of identity crime
Founded in 1999, the Identity Theft Resource Center (ITRC) is a national nonprofit dedicated to empowering and guiding consumers, victims, businesses and government agencies to minimize risk and mitigate the impact of identity compromise and crime. The ITRC provides free...
Cybersecurity Threat Advisory: MongoDB RCE vulnerability
MongoDB has disclosed a high‑severity vulnerability, tracked as CVE‑2025‑14847, that could allow unauthenticated remote code execution (RCE). The flaw stems from the Zlib compression handler and can be exploited with low complexity, posing a serious risk to data confidentiality and...
Cybersecurity Threat Advisory: HPE OneView vulnerability enables RCE
A newly disclosed vulnerability, tracked as CVE‑2025‑37164, affects the Hewlett Packard Enterprise (HPE) OneView product and has been assigned a CVSS score of 10.0. Read this Cybersecurity Threat Advisory for more details and recommended steps to protect your environment. What...
Cyberattack targets included MSPs in energy sector
Amazon Web Services (AWS) has issued a stark reminder of just how dangerous and persistent cyberattacks targeting managed service providers (MSPs) can be—especially when those MSPs support critical industries. The cloud provider recently released new findings showing that a series...
Cybersecurity Threat Advisory: n8n vulnerability
The n8n workflow automation platform vulnerability, tracked as CVE‑2025‑68613, enables authenticated attackers to execute arbitrary code via expression injection in workflow definitions. Review this Cybersecurity Threat Advisory for actionable steps to mitigate your risk from this flaw. What is the...