Critical Zero-Click Flaw in n8n Allows Full Server Compromise
The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account to be exploited
Infosecurity Magazine
20 articles
CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws
CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks
Police Scotland Fined After Sharing Victim’s Phone Data
The ICO has fined Police Scotland after it shared the entire contents of a victim’s phone with her alleged attacker
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker
France: National Cybersecurity Agency Reports Ransomware Attack Drop in 2025
French small and medium businesses remained the organizations most targeted by ransomware in 2025
Infosecurity Europe Announces 2026 Keynote Line Up
Infosecurity Europe 2026 reveals its keynote line-up, featuring Jason Fox, Shlomo Kramer, Cynthia Kaiser and more, with sessions on AI, cloud security and po...
Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio
LeakyLooker flaws in Google Looker Studio let attackers run cross-tenant SQL attacks on cloud data
Compromised WordPress Sites Deliver ClickFix Attacks in Global Infostealer Campaign
Over 250 legitimate websites, including news outlets and a US Senate candidate’s official webpage, been compromised to infect visitors with infostealers, war...
BlackSanta EDR-Killer Targets HR Teams in CV-Themed Campaign
BlackSanta malware targets HR staff with fake resumes, kills EDR and steals system data
Researchers Discover Major Security Gaps in LLM Guardrails
Palo Alto Networks’ Unit 42 has developed a successful attack to bypass safety guardrails in popular generative AI tools
Cyber-Attacks on UK Firms Increase at Four Times Global Rate
Check Point data shows attack volumes are growing much faster in the UK than worldwide
Microsoft Fixes Two Publicly Disclosed Zero-Days
March Patch Tuesday sees Microsoft release updates for 79 flaws
OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap
OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity
Only 24% Of organizations Test Identity Recovery Every Six Months
Only 24% of organizations test identity disaster recovery plans every 6 months, Quest Software said
Cloud Attackers Now Prefer Vulnerability Exploits Over Credentials, Google Cloud Finds
Google Cloud report details a sharp rise in attackers exploiting software vulnerabilities, including React2Shell
Ericsson Breach Exposes Data of 15k Employees and Customers
Ericsson data breach affects 15k employees/customers after third-party service provider compromise
Russian Hackers Target WhatsApp and Signal Accounts of Global Military and Government Officials
Dutch intelligence reveals Russian state hackers are trying to hijack the Signal and WhatsApp accounts of key targets
ShinyHunters Targets Hundreds of Websites in New Salesforce Campaign
Prolific ShinyHunters group claims to have stolen data from nearly 400 websites in Experience Cloud attacks
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Trump Administration Unveils New Cyber Strategy for America
US national cyber strategy focuses on stronger defenses, countering threats, fostering innovation