The malware is known for dropping ransomware and other payloads, and for abusing infected machines to proxy traffic.
The post SystemBC Infects 10,000 Devices After Defying Law Enforcement Takedown appeared first on SecurityWeek.
CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats
The Buyer’s Guide to AI Usage Control
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening
Critical N8n Sandbox Escape Could Lead to Server Compromise
A critical sandbox escape vulnerability in the n8n AI workflow automation platform could allow attackers to execute arbitrary commands on the server, Pillar Security reports. Tracked as CVE-2026-25049 (CVSS score of 9.4), the issue impacts the manner in which the n8n sandbox’s sanitization routine evaluates JavaScript expressions. Pillar discovered that the sandbox’s sanitizer could be […]
The post Critical N8n Sandbox Escape Could Lead to Server Compromise appeared first on SecurityWeek.
Data breach at fintech firm Betterment exposes 1.4 million accounts
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. […]
Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries
Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China.
The post Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries appeared first on SecurityWeek.
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month.
“The threat actor stopped maintaining its C2 servers on January 8 for the first time since we
“The threat actor stopped maintaining its C2 servers on January 8 for the first time since we
Zendesk spam wave returns, floods users with ‘Activate account’ emails
A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies’ unsecured Zendesk support systems. Some recipients say they are receiving hundreds of messages with strange or alarming subject lines. such as ‘Activate account…’ […]
Cisco, F5 Patch High-Severity Vulnerabilities
The security defects can lead to DoS conditions, arbitrary command execution, and privilege escalation.
The post Cisco, F5 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows
A new, critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in the execution of arbitrary system commands.
The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that
The flaw, tracked as CVE-2026-25049 (CVSS score: 9.4), is the result of inadequate sanitization that bypasses safeguards put in place to address CVE-2025-68613 (CVSS score: 9.9), another critical defect that