'LeakyLooker' flaws let hackers gain access to user information in Google Looker Studio

Nine bugs were found in Google's Looker Studio which could have allowed outside access.
Techlomedia

Critical SQL Injection Vulnerability Found in Elementor Ally WordPress Plugin, Over 250,000 Sites Still at Risk

A serious security vulnerability has been discovered in the Ally plugin for WordPress. The flaw could allow attackers to ...
SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.
Voice&Data

Tenable uncovers ‘LeakyLooker’ flaws in Google Looker Studio

Research: Google has patched 9 Looker Studio flaws identified by Tenable that exposed cross-tenant data risks and enabled potential SQL injection and data exfiltration.
SecurityWeek

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.
The Hacker News

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA adds n8n RCE flaw CVE-2025-68613 to KEV after active exploitation; 24,700 exposed instances raise compromise risk.