rce

SolarWinds Web Help Desk: Unpacking RCE Exploitation in Sophisticated Multi-Stage Intrusions

Microsoft observed multi-stage attacks exploiting internet-exposed SolarWinds WHD for RCE, leading to lateral movement and high-value asset compromise.

Marcus Thorne General news

Critical N8n Sandbox Escape: A Gateway to Full Server Compromise and Data Exfiltration

Severe N8n sandbox escape allows arbitrary command execution, credential theft, and full server compromise. Immediate patching advised.

Marcus Thorne General news

Critical n8n RCE Flaw CVE-2026-25049: A Deeper Dive into Sanitization Bypass and System Command Execution

Critical n8n flaw CVE-2026-25049 enables arbitrary system command execution, bypassing previous sanitization fixes via malicious workflows.

Marcus Thorne General news

DockerDash: Critical Ask Gordon AI Flaw in Docker Desktop/CLI Exploited via Image Metadata

Docker patched a critical Ask Gordon AI flaw (DockerDash) allowing code execution and data exfiltration via malicious image metadata.

Marcus Thorne General news

CISA Emergency Directive: Critical SolarWinds RCE Exploited in the Wild

CISA flags critical SolarWinds Web Help Desk RCE flaw (CVE-2023-40000) as actively exploited, urging immediate patching.

Marcus Thorne General news

Chainlit Security Flaws Highlight Infrastructure Risks in AI Applications

Two security vulnerabilities in the Chainlit framework expose critical risks from web flaws in AI applications, emphasizing infrastructure security.

Marcus Thorne General news

January 2026 Patch Tuesday: 113 Vulnerabilities, 8 Critical, and a Zero-Day Under Active Attack

Microsoft's January 2026 Patch Tuesday addresses 113 flaws, including 8 critical RCEs and one actively exploited zero-day, urging immediate patching.