Skip to content
cyber security news today Page 3

cyber security news today

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control

Jan 07, 2026Ravie LakshmananVulnerability / Automation Cybersecurity researchers have disclosed details of yet another maximum-severity security flaw in n8n, a popular workflow automation platform, that allows an unauthenticated remote attacker to gain complete control over… 

Read More »Critical n8n Vulnerability (CVSS 10.0) Allows Unauthenticated Attackers to Take Full Control
Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators

Jan 07, 2026The Hacker NewsThreat Detection / Endpoint Security Security teams are still catching malware. The problem is what they’re not catching. More attacks today don’t arrive as files. They don’t drop binaries. They don’t… 

Read More »Learn How AI-Powered Zero Trust Detects Attacks with No Files or Indicators
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions

Jan 07, 2026Ravie LakshmananVulnerability / Cloud Security Open-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE). The vulnerability, which has… 

Read More »n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions
The Future of Cybersecurity Includes Non-Human Employees

The Future of Cybersecurity Includes Non-Human Employees

Jan 07, 2026The Hacker NewsEnterprise Security / Artificial Intelligence Non-human employees are becoming the future of cybersecurity, and enterprises need to prepare accordingly. As organizations scale Artificial Intelligence (AI) and cloud automation, there is exponential… 

Read More »The Future of Cybersecurity Includes Non-Human Employees
Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication

Jan 07, 2026Ravie LakshmananVulnerability / Enterprise Security Veeam has released security updates to address multiple flaws in its Backup & Replication software, including a “critical” issue that could result in remote code execution (RCE). The… 

Read More »Veeam Patches Critical RCE Vulnerability with CVSS 9.0 in Backup & Replication
Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing

Jan 07, 2026Ravie LakshmananEmail Security / Financial Fraud Threat actors engaging in phishing attacks are exploiting routing scenarios and misconfigured spoof protections to impersonate organizations’ domains and distribute emails that appear as if they have… 

Read More »Microsoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

Jan 07, 2026Ravie LakshmananNetwork Security / Vulnerability A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3),… 

Read More »Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers’ control. The names of… 

Read More »Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users
Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

Jan 06, 2026Ravie LakshmananIoT Security / Vulnerability The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain… 

Read More »Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

Jan 06, 2026Ravie LakshmananMalware / Endpoint Security Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD)… 

Read More »Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat