Threat Advisory
Insights That Shape the
Insights That Shape the
Future of Cybersecurity
Future of Cybersecurity
Stay ahead with expert perspectives, research, and real-world intelligence from BridgeLynk’s cybersecurity professionals—where strategy meets innovation.
Stay ahead with expert perspectives, research, and real-world intelligence from BridgeLynk’s cybersecurity professionals—where strategy meets innovation.
Critical Remote Code Execution (RCE) in AI Automation Tool n8n — "Ni8mare"
A critical unauthenticated RCE vulnerability (CVE-2026-21858, CVSS 10.0) in the popular AI workflow tool n8n allows attackers to read sensitive server files and escalate to full remote code execution. Here is what you need to know.
Critical Remote Code Execution (RCE) in AI Automation Tool n8n — "Ni8mare"
A critical unauthenticated RCE vulnerability (CVE-2026-21858, CVSS 10.0) in the popular AI workflow tool n8n allows attackers to read sensitive server files and escalate to full remote code execution. Here is what you need to know.
Critical Authentication Bypass in Cisco Catalyst SD-WAN — CVE-2026-20127
A maximum-severity vulnerability (CVSS 10.0) in Cisco Catalyst SD-WAN controllers is being actively exploited in the wild. Attackers are bypassing authentication, escalating to root, and establishing persistent access across enterprise network infrastructure.
Critical Authentication Bypass in Cisco Catalyst SD-WAN — CVE-2026-20127
A maximum-severity vulnerability (CVSS 10.0) in Cisco Catalyst SD-WAN controllers is being actively exploited in the wild. Attackers are bypassing authentication, escalating to root, and establishing persistent access across enterprise network infrastructure.
Notepad++ Update Feature Hijacked by Chinese State Hackers for Months
Between June and December 2025, Chinese state-linked hackers from the Lotus Blossom group hijacked the Notepad++ update mechanism to deliver a custom backdoor to millions of users. Here is a full breakdown of what happened and what organisations must do now.
Notepad++ Update Feature Hijacked by Chinese State Hackers for Months
Between June and December 2025, Chinese state-linked hackers from the Lotus Blossom group hijacked the Notepad++ update mechanism to deliver a custom backdoor to millions of users. Here is a full breakdown of what happened and what organisations must do now.