#auth

Customs and Border Protection is asking companies to pitch tools for performing deep analysis on the contents of devices seized at the US border.

## Summary Denial of Service vulnerability in `/rest/binary-data` endpoint when processing empty filesystem URIs (`filesystem://` or `filesystem-v2://`). ### Impact This is a Denial of Service (DoS) vulnerability that allows authenticated attackers to cause service unavailability through malformed filesystem URI requests. The vulnerability affects: - The `/rest/binary-data` endpoint - n8n.cloud instances (confirmed HTTP/2 524 timeout responses) Attackers can exploit this by sending GET requests with empty filesystem URIs (`filesystem://` or `filesystem-v2://`) to the `/rest/binary-data` endpoint, causing resource exhaustion and service disruption. ### Patches The issue has been patched in [1.99.0](https://github.com/n8n-io/n8n/releases/tag/n8n%401.99.0). All users should upgrade to this version or later. The fix introduces strict checking of URI patterns. Patch commit: https://github.com/n8n-io/n8n/pull/16229

The “El Chapo” Mexican drug cartel snooped on FBI personnel through hacked cameras, and listened in on their phone calls to...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSOFT Update Manager Vulnerabilities: Integer Underflow (Wrap or Wraparound), Protection Mechanism Failure 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code, disclose information, alter information, or cause a denial-of-service (DoS) condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric MELSOFT Update Manager are affected: MELSOFT Update Manager SW1DND-UDM-M: Versions 1.000A to 1.012N 3.2 VULNERABILITY OVERVIEW 3.2.1 INTEGER UNDERFLOW (WRAP OR WRAPAROUND) CWE-191 Mitsubishi Electric MELSOFT Update Manager is vulnerable to an Integer Underflow vulnerability in 7-zip, included in MELSOFT Update Manager, that could allow a remote attacker to execute arbitrary code by decompressing a specially crafted compressed file. As a result, the attacke...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: MicroSCADA X SYS600 Vulnerabilities: Incorrect Default Permissions, External Control of File Name or Path, Improper Validation of Integrity Check Value, Exposure of Sensitive Information Through Data Queries, Improper Certificate Validation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to tamper with the system file, overwrite files, create a denial-of-service condition, or leak file content. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are affected: Hitachi Energy MicroSCADA Pro/X SYS600: version 10.0 up to 10.6 (CVE-2025-39201, CVE-2025-39202, CVE-2025-39204, CVE-2025-39205) Hitachi Energy MicroSCADA Pro/X SYS600: version 10.5 up to 10.6 (CVE-2025-39203) Hitachi Energy MicroSCADA Pro/X SYS600: version 10.3 up to 10.6 (CVE-2025-39205) 3.2 VULNERABILITY OVERVIEW 3...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful exploitation of this vulnerability could result in a denial-of-service condition for legitimate users for a certain period by repeatedly attempting to log in with incorrect passwords. When the product repeatedly receives unauthorized logins from an attacker, legitimate users will be unable to be authenticated until a certain period has passed after the lockout or until the product is reset. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of MELSEC iQ-F Series is affected: FX5U-32MT/ES: All versions FX5U-32MT/DS: All versions FX5U-32MT/ESS: All versions FX5U-32MT/DSS: All versions FX5U-32MR/ES: All versions FX5U-32MR/DS: All versions FX5U-64MT/ES: All versions FX5U-64MT/DS: All versions FX5U-64MT/ESS: All versions FX5...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670/650 and SAM600-IO series Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION An authenticated user with file access privilege via FTP access can cause the Relion 670/650 and SAM600-IO series device to reboot due to improper disk space management. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Hitachi Energy reports that the following products are affected: Hitachi Energy Relion 650: version 1.0.0 up to and not including 2.0.0 Hitachi Energy Relion 650: version 2.1.0 up to 2.2.0 Hitachi Energy Relion 650: version 2.2.0 up to 2.2.0.13 Hitachi Energy Relion 650: version 2.2.1.0 up to and including 2.2.1.8 Hitachi Energy Relion 650: version 2.2.4.0 up to and including 2.2.4.5 Hitachi Energy Relion 650: version 2.2.5.0 up to and including 2.2.5.7 Hitachi Energy Relion 650: version 2.2.6.0 up to and including 2.2.6.3 Hita...

SentinelLabs uncovers NimDoor, new North Korea-aligned macOS malware targeting Web3 and crypto firms. Exploits Nim, AppleScript, and steals Keychain, browser, shell, and Telegram data.

LGBTIQ+ organizations in El Salvador are using technology to protect themselves and create a record of the country’s ongoing authoritarian escalations against their community. It’s not without risks.

An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant (or C:\vagrant on Windows). This includes the Vagrantfile configuration file, which is a Ruby script evaluated by the host every time a vagrant command is executed in the project directory. If a low-privileged attacker obtains shell access to the guest VM, they can append arbitrary Ruby code to the mounted Vagrantfile. When a user on the host later runs any vagrant command, the injected code is executed on the host with that user’s privileges. While this shared-folder behavior is well-documented by Vagrant, the security implications of Vagrantfile execution from guest-writable storage are not explicitly addressed. This effectively enables guest-to-host code execution in multi-tenant or adversarial VM scenarios.