Innovative Network, Inc

Blog

VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX

Popular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names. The problem, according to Koi,…

Read More VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Blog

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

A new critical security vulnerability has been disclosed in n8n, an open-source workflow automation platform, that could enable an authenticated attacker to execute arbitrary system commands on the underlying host. The vulnerability, tracked as CVE-2025-68668, is rated 9.9 on the CVSS scoring system. It has been described as a case of a protection mechanism failure….

Read More New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands
Blog

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

Users of the “@adonisjs/bodyparser” npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could allow a remote attacker to write arbitrary files on the server. Tracked as CVE-2026-21440 (CVSS score: 9.2), the flaw has been described as a path traversal issue…

Read More Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers
Blog

Startup Trends Shaking Up Browsers, SOC Automation, AppSec

In 2025, these startups have reimagined browser security, pioneered application security for AI-generated code, and are building consensus on agentic vs. human costs.

Read More Startup Trends Shaking Up Browsers, SOC Automation, AppSec
Blog

Advisor360 Gets a Handle on Shadow AI via Automation

With employees looking for the benefits of artificial intelligence, a FinTech company stepped up controls with automation.

Read More Advisor360 Gets a Handle on Shadow AI via Automation
Blog

CISOs Face A Tighter Insurance Market in 2026

Post Content

Read More CISOs Face A Tighter Insurance Market in 2026
Blog

Critical ‘MongoBleed’ Bug Under Active Attack, Patch Now

A memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers.

Read More Critical ‘MongoBleed’ Bug Under Active Attack, Patch Now
Blog

US Cyber Pros Plead Guilty Over BlackCat Ransomware Activity

Two US citizens pleaded guilty to working as ALPHV/BlackCat ransomware affiliates in 2023, and both were previously employed by prominent security firms.

Read More US Cyber Pros Plead Guilty Over BlackCat Ransomware Activity
Blog

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. “This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025,” the 360 Threat Intelligence Center said in

Read More Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government
Blog

Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks

The botnet known as Kimwolf has infected more than 2 million Android devices by tunneling through residential proxy networks, according to findings from Synthient. “Key actors involved in the Kimwolf botnet are observed monetizing the botnet through app installs, selling residential proxy bandwidth, and selling its DDoS functionality,” the company said in an analysis published…

Read More Kimwolf Android Botnet Infects Over 2 Million Devices via Exposed ADB and Proxy Networks