CSO Online

AWS Bedrock’s ‘isolated’ sandbox comes with a DNS escape hatch

BeyondTrust shows how AWS Bedrock AgentCore’s ‘isolated’ environment can be tricked into data exfiltration and command ...
The Hacker News

AI Flaws in Amazon Bedrock, LangSmith, and SGLang Enable Data Exfiltration and RCE

DNS flaw in Amazon Bedrock and critical AI vulnerabilities expose data and enable RCE, risking breaches and infrastructure ...
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure.
Bleeping Computer

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as ...
Threat Post

ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models

ASUS patched a bug that allowed attackers to pair two vulnerabilities to gain direct router access and execute commands as root. ASUS released patches for over a dozen router models on Tuesday that ...