The Hacker News

Password Reuse in Disguise: An Often-Missed Risky Workaround

Near-identical password reuse bypasses security policies, enabling attackers to exploit predictable patterns using breached ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
PCMag on MSN

I don't trust password generators, so I built my own. Here's how you can, too

Ready for the ultimate in password security? You can build your own uncrackable random generator; all you need is a ...
PCMag on MSN

Proton Pass

Sleek and easy-to-navigate free password management apps for Android and iOS ...

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.
WeLiveSecurity

Award-winning news, views, and insight from the ESET security community

This month in security with Tony Anscombe – January 2026 edition The trends that emerged in January offer useful clues about the risks and priorities that security teams are likely to contend with ...