LayerX Launches ExtensionPedia
Post Content
Post Content
Related
n8n Unauthenticated Remote Code Execution
What is the Vulnerability? CVE-2026-21858 arises from a Content-Type confusion flaw in n8nās webhook and form handling logic. Specifically, certain form-based workflows do not adequately validate or enforce multipart form content types, allowing attackers to override internal request parsing state. This allows unauthenticated attackers to: – Read arbitrary files from the server filesystem – Extract…
Sandworm Blamed for Wiper Attack on Poland Power Grid
Researchers attributed the failed attempt to the infamous Russian APT Sandworm, which is notorious for wiper attacks on critical infrastructure organizations.
CISA Flags Adobe AEM Flaw with Perfect 10.0 Score ā Already Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.
Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day
The vendor’s first Patch Tuesday of the year also contains fixes for 112 CVEs, nearly double the amount from last month.
eSIM Bug in Millions of Phones Enables Spying, Takeover
eSIMs around the world may be fundamentally vulnerable to physical and network attacks because of a 6-year-old Oracle vulnerability in technology that underlies billions of cards.
From a Whisper to a Scream: Europe Frets About Overreliance on US Tech
Concern is growing across Europe about relying on US cybersecurity companies, and Greenland takeover talk is eroding trust across the EU even further.