Information security
Information security

55 minutes ago

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

55 minutes ago

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Three new security flaws in Microsoft Defender are actively exploited, with only one patched, allowing full SYSTEM-level access to attackers.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

more#microsoft-defender

22 minutes ago

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

A critical vulnerability in SGLang allows remote code execution via a crafted GGUF model file, with a CVSS score of 9.8.

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.

fromAlleyWatch

Information security

Artemis Raises $55M to Cut Security Response Times by 94% Through Autonomous Investigation

Information security

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Information security

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

2026 has seen significant cyber threats, including a major FBI hack and the discovery of the DarkSword iPhone exploit framework.

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Third-party tools are exploited to gain internal access, highlighting a shift in attack strategies that bend trust rather than break systems.

fromAlleyWatch

Artemis Raises $55M to Cut Security Response Times by 94% Through Autonomous Investigation

AI-powered cybersecurity solutions are essential to address the speed and complexity of modern attacks.

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers have targeted a vulnerability in discontinued TP-Link routers for a year without successful exploitation, according to Palo Alto Networks.

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

A critical vulnerability in the Model Context Protocol allows remote code execution, affecting over 7,000 servers and compromising sensitive data.

2026's Breach List So Far: FBI Hacked, 1B Androids at Risk, 270M iPhones Vulnerable

2026 has seen significant cyber threats, including a major FBI hack and the discovery of the DarkSword iPhone exploit framework.

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

58% of Organizations Spend Over 10 Hours a Month Securing AI-generated Code

31% of organizations using AI-generated code spend 10 hours or less per month on validation and auditing, raising security concerns.

fromArs Technica

Anthropic's Mythos AI model sparks fears of turbocharged hacking

AI-enabled cyber attacks surged 89% in 2025, with attackers acting within 29 minutes of gaining access.

Vercel Breach Originated from an Employee's AI Tool

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

McGraw Hill linked to 13.5M-record data leak

McGraw Hill experienced a data breach exposing 13.5 million records due to a Salesforce misconfiguration, leading to personal information circulating online.

fromSecuritymagazine

McGraw Hill Data Breach Caused by Salesforce Misconfiguration

McGraw Hill experienced a data breach linked to a Salesforce misconfiguration, with ShinyHunters claiming to have stolen 45 million records.

fromSecuritymagazine

19 hours ago

Vercel Breach Originated from an Employee's AI Tool

Vercel confirmed a data breach caused by a third-party AI tool used by an employee, impacting a limited subset of customers.

McGraw Hill linked to 13.5M-record data leak

McGraw Hill experienced a data breach exposing 13.5 million records due to a Salesforce misconfiguration, leading to personal information circulating online.

fromSecuritymagazine

McGraw Hill Data Breach Caused by Salesforce Misconfiguration

McGraw Hill experienced a data breach linked to a Salesforce misconfiguration, with ShinyHunters claiming to have stolen 45 million records.

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

Next.js developer Vercel warns customer creds compromised

Vercel experienced a data leak due to a compromise of Context.ai, affecting customer credentials and prompting immediate action.

Next.js Creator Vercel Hacked

Vercel confirmed a data breach involving unauthorized access to internal systems and compromised customer credentials.

fromInfoWorld

6 hours ago

Hackers exploit Vercel's trust in AI integration

Sensitive secrets should be treated as potentially exposed and rotated as a priority.

fromThe Verge

23 hours ago

Cloud development platform Vercel was hacked

Vercel experienced a security breach due to a compromised third-party AI tool, leading to the exposure of customer data.

Vercel Confirms Major Security Incident as Hacker Claims $2M Ransom Demand

Vercel confirmed a security incident involving unauthorized access to internal systems, with a threat actor claiming to sell stolen company data.

App host Vercel confirms security incident, says customer data was stolen via breach at Context AI | TechCrunch

Vercel experienced a data breach due to a compromised employee account linked to Context AI, exposing customer credentials.

Next.js developer Vercel warns customer creds compromised

Vercel experienced a data leak due to a compromise of Context.ai, affecting customer credentials and prompting immediate action.

Next.js Creator Vercel Hacked

Vercel confirmed a data breach involving unauthorized access to internal systems and compromised customer credentials.

fromInfoWorld

6 hours ago

Hackers exploit Vercel's trust in AI integration

Sensitive secrets should be treated as potentially exposed and rotated as a priority.

fromThe Verge

23 hours ago

Cloud development platform Vercel was hacked

Vercel experienced a security breach due to a compromised third-party AI tool, leading to the exposure of customer data.

Top 3 Cyber Insurance Incident Claims

Cyber incidents are increasing claims in the insurance industry despite decreasing premiums, indicating a more active risk environment.

Kubernetes attack surface explodes: number of threats quadruples

Kubernetes faces a surge in cyberattacks, with a 282% increase in attempts, particularly targeting the IT sector and crypto exchanges.

7 hours ago

Hackers Abuse QEMU for Defense Evasion

Threat actors are exploiting QEMU for ransomware and remote access tool deployment, with increased activity observed since late 2025.

fromnews.bitcoin.com

Layerzero Claims Zero Contagion After $290M Exploit as Disputed Narratives Deepen Scrutiny

A major exploit in DeFi bridge security reveals vulnerabilities in verifier design and raises accountability issues for Layerzero Labs and KelpDAO.

7 hours ago

Aikido Endpoint offers developers additional protection against supply chain attacks

Aikido Endpoint protects developers' endpoints from supply chain attacks by blocking high-risk installations before they reach the system.

Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems

ZionSiphon malware targets Israeli water treatment systems, showcasing a trend in politically motivated attacks on critical infrastructure.

#vulnerabilities

3 hours ago

Information security

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical vulnerabilities in Adobe, Fortinet, Microsoft, and SAP products were highlighted in April's Patch Tuesday releases.

3 hours ago

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters have serious vulnerabilities that can expose critical systems to remote attacks.

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical vulnerabilities in Adobe, Fortinet, Microsoft, and SAP products were highlighted in April's Patch Tuesday releases.

Microsoft releases Windows Server update to fix April update

Microsoft released an out-of-band update to fix a restart loop issue affecting Windows Server devices after the April 2026 update.

Microsoft closes book on rogue Windows Server 2025 upgrades

Microsoft has resolved the Windows Server 2025 upgrade issue, but new problems have emerged with the cumulative update KB5082063.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Microsoft's Zero Day Quest 2026 awarded $2.3 million for discovering 80 high-impact vulnerabilities in cloud and AI services.

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other Vulnerabilities

Microsoft addressed 169 security flaws, including one actively exploited vulnerability, marking the second largest Patch Tuesday ever.

Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days

Microsoft released a significant security update addressing 165 vulnerabilities, including two critical zero-days, marking one of the largest updates in its history.

5 hours ago

Microsoft releases Windows Server update to fix April update

Microsoft released an out-of-band update to fix a restart loop issue affecting Windows Server devices after the April 2026 update.

Microsoft closes book on rogue Windows Server 2025 upgrades

Microsoft has resolved the Windows Server 2025 upgrade issue, but new problems have emerged with the cumulative update KB5082063.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

Microsoft's Zero Day Quest 2026 awarded $2.3 million for discovering 80 high-impact vulnerabilities in cloud and AI services.

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other Vulnerabilities

Microsoft addressed 169 security flaws, including one actively exploited vulnerability, marking the second largest Patch Tuesday ever.

Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days

Microsoft released a significant security update addressing 165 vulnerabilities, including two critical zero-days, marking one of the largest updates in its history.

more#microsoft

fromwww.socialmediatoday.com

1 day ago

TikTok's US joint venture gains security infrastructure certification

TikTok USDS Joint Venture has achieved ISO/IEC 27001:2022 certification, enhancing user trust in its data security measures.

Mastodon says its flagship server was hit by a DDoS attack | TechCrunch

Mastodon's flagship server experienced a DDoS attack, causing significant outages and instability, but countermeasures were implemented to restore access.

#bluesky

Information security

Bluesky Disrupted by Sophisticated DDoS Attack

Information security

Bluesky Outage: Coordinated Traffic Attack Causes Widespread Errors

fromMashable

Information security

Bluesky outage: Why it happened

Information security

It's not just you - Bluesky is (sorta) down | TechCrunch

Information security

Bluesky Disrupted by Sophisticated DDoS Attack

Information security

Bluesky Outage: Coordinated Traffic Attack Causes Widespread Errors

fromMashable

Information security

Bluesky outage: Why it happened

Information security

It's not just you - Bluesky is (sorta) down | TechCrunch

AI vendors' response to security flaws: It wasn't me

AI vendors promote AI for security but often dismiss flaws as intended behavior.

20 hours ago

Information security

Prompt injection proves AI models are gullible like humans

Information security

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Information security

AI agents on GitHub leak API keys via prompt injection

Git identity spoof fools Claude into giving bad code the nod

AI code reviewers can be deceived into approving malicious code by spoofing trusted developer identities using Git commands.

Anthropic, Google, Microsoft paid AI bug bounties - quietly

Security researchers exploited prompt injection attacks on AI agents to steal sensitive data without vendor disclosure of vulnerabilities.

1 day ago

AI vendors' response to security flaws: It wasn't me

AI vendors promote AI for security but often dismiss flaws as intended behavior.

20 hours ago

Prompt injection proves AI models are gullible like humans

Prompt injection attacks exploit AI systems, similar to phishing, by embedding malicious instructions that the AI executes instead of treating as content.

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

A prompt injection attack method named 'Comment and Control' targets AI code security tools, allowing attackers to hijack AI agents using crafted GitHub comments.

AI agents on GitHub leak API keys via prompt injection

Three popular AI agents on GitHub Actions are vulnerable to Comment and Control attacks, allowing attackers to steal API keys and access tokens.

Git identity spoof fools Claude into giving bad code the nod

AI code reviewers can be deceived into approving malicious code by spoofing trusted developer identities using Git commands.

Anthropic, Google, Microsoft paid AI bug bounties - quietly

Security researchers exploited prompt injection attacks on AI agents to steal sensitive data without vendor disclosure of vulnerabilities.

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

Threat actors exploit vulnerabilities in TBK DVR and TP-Link routers to deploy Mirai-botnet variants, targeting IoT devices for large-scale attacks.

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.

#cybercrime

fromwww.independent.co.uk

Scottish man faces 22 years in US prison for $8m virtual currency scam

A Scottish man pleaded guilty to hacking and stealing over $8 million in virtual currency through phishing attacks.

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.

fromwww.independent.co.uk

Scottish man faces 22 years in US prison for $8m virtual currency scam

A Scottish man pleaded guilty to hacking and stealing over $8 million in virtual currency through phishing attacks.

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

Information security

ZionSiphon Malware Targets ICS in Water Facilities

Information security

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

A new malware campaign targeting Ukrainian healthcare institutions has been identified, utilizing deceptive emails to deliver malicious payloads.

Information security

What is Claude Mythos and what risks does it pose?

Information security

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

UK businesses must face up to AI threat, says government | Computer Weekly

AI models are rapidly advancing in discovering and exploiting software vulnerabilities, necessitating urgent attention from business leaders.

fromwww.bbc.com

What is Claude Mythos and what risks does it pose?

Anthropic's Claude Mythos AI model outperforms humans in some cybersecurity tasks, raising concerns among regulators and tech companies.

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

UK businesses must face up to AI threat, says government | Computer Weekly

AI models are rapidly advancing in discovering and exploiting software vulnerabilities, necessitating urgent attention from business leaders.

more#ai

#north-korea

Information security

North Korean social engineering campaign targets macOS users | Computer Weekly

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

North Korea targets macOS users in latest heist

North Korean criminals use social engineering and fake software updates to steal Apple users' credentials and cryptocurrency.

Recent advances push Big Tech closer to the Q-Day danger zone

Organizations are transitioning to new algorithms to replace RSA and elliptic curves due to vulnerabilities exposed by quantum computing threats.

fromDevOps.com

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

NIST will only enrich certain cybersecurity vulnerabilities in its database due to a surge in CVE submissions.

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.

NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions

NIST will only enrich certain cybersecurity vulnerabilities in its database due to a surge in CVE submissions.

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.

NIST updates NVD: not every CVE will be scrutinized

NIST is updating its vulnerability assessment methodology due to an overwhelming increase in CVEs, prioritizing critical vulnerabilities for analysis.

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST updates its National Vulnerability Database operations to prioritize enriching critical CVEs due to a surge in submissions.

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

fromThe Cipher Brief

An FBI Perspective on FISA Section 702

Allowing Section 702 to lapse would create intelligence gaps that adversaries are poised to exploit, threatening American security.

CISA tells feds to patch 13-year-old Apache ActiveMQ bug

CISA warns of a critical Apache ActiveMQ vulnerability requiring federal agencies to patch within two weeks to prevent exploitation.

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.

CISA tells feds to patch 13-year-old Apache ActiveMQ bug

CISA warns of a critical Apache ActiveMQ vulnerability requiring federal agencies to patch within two weeks to prevent exploitation.

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.

How CSOs Can Win Board Support for Gunshot Detection Technology

CSOs must effectively frame gunshot detection technology to gain executive support and align it with corporate risk priorities.

Cisco Wi-Fi boxes writing 5MB of undeletable data daily

Cisco Wi-Fi access points may fill onboard memory with nonessential data, risking software update failures due to insufficient disk space.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

Cisco Wi-Fi boxes writing 5MB of undeletable data daily

Cisco Wi-Fi access points may fill onboard memory with nonessential data, risking software update failures due to insufficient disk space.

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.

more#cisco

Operation PowerOFF Seizes 53 DDoS Domains, Exposes 3 Million Criminal Accounts

"Booter services allow users to launch DDoS attacks against targeted websites, servers, or networks. Their infrastructure is made up of servers, databases, and other technical components that make DDoS-for-hire activities possible. By seizing these infrastructures, authorities were able to hinder these criminal operations and prevent further damage to victims."

Information security

Broadcom brings secure AI agent environment to VMware Tanzu

Broadcom's VMware Tanzu Platform Agent Foundations provides a secure environment for autonomous AI applications with zero-trust networking and automated management.

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

A social engineering campaign exploits Obsidian to distribute PHANTOMPULSE trojan targeting financial and cryptocurrency sectors.

MCP 'design flaw' puts 200k servers at risk: Researcher

A design flaw in Anthropic's Model Context Protocol puts 200,000 servers at risk, despite repeated requests for a patch from security researchers.

Cyber Essentials closes the MFA loophole but leaves some organisations adrift | Computer Weekly

Multi-factor authentication becomes mandatory under Cyber Essentials v3.3, with no exceptions for organizations failing to implement it.

fromComputerworld

Cisco Systems issues three advisories for critical vulnerabilities in Webex, ISE

Identity and access management is crucial for cybersecurity, with a focus on IAM hygiene necessary to mitigate risks from vulnerabilities.

Malicious WordPress Plugins with Backdoors Compromise Thousands of Websites

Malicious WordPress plugins with backdoors compromised thousands of websites, demonstrating a supply-chain attack and leading to their permanent removal.

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk has released fixes for high and medium-severity vulnerabilities in its products, including Splunk Enterprise, Cloud Platform, and MCP Server.

Server-room lock was nothing but a crock

A security vulnerability allowed unauthorized access to a server room due to a flaw in the two-factor authentication lock.

Ransomware Hits Automotive Data Expert Autovista

We are responding to a ransomware incident affecting certain Autovista systems in Europe and Australia. We appreciate our customers' patience as we work to respond to this incident in a disciplined manner.

Information security

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

Threat actors are weaponizing n8n to conduct phishing campaigns and deliver malicious payloads through automated emails.