CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.

Analyst proposes two ideas for unplugging Harley-Davidson from LiveWire

An analyst has outlined two specific strategies for how Harley-Davidson could exit its stake in LiveWire Group.

City of Port Washington seeks dismissal of lawsuit by data center opponents

At issue is the November 2025 approval of a tax increment financing district for about $175 million of improvements.