The Register on MSN

HackerOne 'ghosted' me for months over $8,500 bug bounty, says researcher

Long after CVEs issued and open source flaws fixed Last fall, Jakub Ciolek reported two denial-of-service bugs in Argo CD, a ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
Computer Weekly

Nvidia unveils Vera Rubin architecture to power AI agents

The AI chip giant has taken the wraps off its latest compute platform designed for test-time scaling and reasoning models, alongside a slew of open source models for robotics and autonomous driving ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
The Hacker News

New n8n Vulnerability (9.9 CVSS) Lets Authenticated Users Execute System Commands

Critical n8n flaw CVE-2025-68668 allows authenticated users to run system commands via workflows; affects versions 1.0.0 to ...
CNX Software

ESP32-DIV V1 handheld pentesting tool supports Wi-Fi Attacks, BLE spoofing, 2.4GHz scanning, and Sub-GHz jamming

Designed by Cirket open-source hardware in China, the ESP32-DIV V1 is a handheld wireless pentesting and experimentation tool ...