Blog – Page 258 – Cyber Mike

ThreatsDay Bulletin: Codespaces RCE, AsyncRAT C2, BYOVD Abuse, AI Cloud Intrusions & 15+ Stories

This week didn’t produce one big headline. It produced many small signals — the kind that quietly shape what attacks will look like next.
Researchers tracked intrusions that start in ordinary places: developer workflows, remote tools, cloud access, identity paths, and even routine user actions. Nothing looked dramatic on the surface. That’s the point. Entry is becoming less

Newsletter platform Substack notifies users of data breach

Newsletter platform Substack is notifying users of a data breach after attackers stole their email addresses and phone numbers in October 2025. […]

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says

Italy has foiled a series of cyberattacks targeting some of its foreign ministry offices, including one in Washington.

The post Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says appeared first on SecurityWeek.

SystemBC Infects 10,000 Devices After Defying Law Enforcement Takedown

The malware is known for dropping ransomware and other payloads, and for abusing infected machines to proxy traffic.

The post SystemBC Infects 10,000 Devices After Defying Law Enforcement Takedown appeared first on SecurityWeek.

CISA Orders Federal Agencies to Strengthen Edge Device Security Amid Rising Cyber Threats

The Buyer’s Guide to AI Usage Control

Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result is a widening

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical sandbox escape vulnerability in the n8n AI workflow automation platform could allow attackers to execute arbitrary commands on the server, Pillar Security reports. Tracked as CVE-2026-25049 (CVSS score of 9.4), the issue impacts the manner in which the n8n sandbox’s sanitization routine evaluates JavaScript expressions. Pillar discovered that the sandbox’s sanitizer could be […]

The post Critical N8n Sandbox Escape Could Lead to Server Compromise appeared first on SecurityWeek.

Data breach at fintech firm Betterment exposes 1.4 million accounts

Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. […]

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

Palo Alto Networks has not attributed the APT activity to any specific country, but evidence points to China.

The post Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries appeared first on SecurityWeek.

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month.
“The threat actor stopped maintaining its C2 servers on January 8 for the first time since we

Cyber News