Bridgelynk Blogs
Critical Remote Code Execution (RCE) in AI Automation Tool n8n — "Ni8mare"
A critical unauthenticated RCE vulnerability (CVE-2026-21858, CVSS 10.0) in the popular AI workflow tool n8n allows attackers to read sensitive server files and escalate to full remote code execution. Here is what you need to know.
Critical vulnerability affecting Cisco Catalyst SD-WAN - CVE-2026-20127
A maximum-severity vulnerability (CVSS 10.0) in Cisco Catalyst SD-WAN controllers is being actively exploited in the wild. Attackers are bypassing authentication, escalating to root, and establishing persistent access across enterprise network infrastructure.
Notepad++ Update Feature Hijacked by Chinese State Hackers for Months
Between June and December 2025, Chinese state-linked hackers from the Lotus Blossom group hijacked the Notepad++ update mechanism to deliver a custom backdoor to millions of users. Here is a full breakdown of what happened and what organisations must do now.
GitHub Confirms Breach of 4,000 Repositories Through Malicious VSCode Extension
GitHub has confirmed a significant security breach involving nearly 4,000 internal repositories after a malicious Visual Studio Code extension was installed on an employee's device. The trojanised Nx Console extension harvested credentials including GitHub tokens, AWS keys, and 1Password vault data.