Breaking News – Cyber Threats (last 6h)
Generated: 2026-01-28 12:00 PST
- New sandbox escape flaw exposes n8n instances to RCE attacks
BleepingComputer • 2026-01-28 09:46 • www.bleepingcomputer.com
Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host. […]
https://www.bleepingcomputer.com/news/security/new-sandbox-escape-flaw-exposes-n8n-instances-to-rce-attacks/ - Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware
The Hacker News • 2026-01-28 09:46 • thehackernews.com
Cybersecurity researchers have flagged a new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) on the official Extension Marketplace that claims to be a free artificial intelligence (AI) coding assistant, but stealthily drops a malicious payload on compromised hosts.
The extension, named “ClawdBot Agent – AI Coding Assistant” (“clawdbot.clawdbot-agent”)
https://thehackernews.com/2026/01/fake-moltbot-ai-coding-assistant-on-vs.html - FBI seizes RAMP cybercrime forum used by ransomware gangs
BleepingComputer • 2026-01-28 09:38 • www.bleepingcomputer.com
The FBI has seized the notorious RAMP cybercrime forum, a platform used to advertise a wide range of malware and hacking services, and one of the few remaining forums that openly allowed the promotion of ransomware operations. […]
https://www.bleepingcomputer.com/news/security/fbi-seizes-ramp-cybercrime-forum-used-by-ransomware-gangs/ - Empire cybercrime market owner pleads guilty to drug conspiracy
BleepingComputer • 2026-01-28 09:19 • www.bleepingcomputer.com
A Virginia man who co-created Empire Market, one of the largest dark web marketplaces at the time, pleaded guilty to federal drug conspiracy charges for facilitating $430 million in illegal transactions from 2018 to 2020. […]
https://www.bleepingcomputer.com/news/security/empire-cybercrime-market-owner-pleads-guilty-to-drug-conspiracy/ - Russian ELECTRUM Tied to December 2025 Cyber Attack on Polish Power Grid
The Hacker News • 2026-01-28 08:06 • thehackernews.com
The “coordinated” cyber attack targeting multiple sites across the Polish power grid has been attributed with medium confidence to a Russian state-sponsored hacking crew known as ELECTRUM.
Operational technology (OT) cybersecurity company Dragos, in a new intelligence brief published Tuesday, described the late December 2025 activity as the first major cyber attack targeting distributed energy
https://thehackernews.com/2026/01/russian-electrum-tied-to-december-2025.html - Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop?, (Wed, Jan 28th)
SANS ISC Diary (full) • 2026-01-28 08:02 • isc.sans.eduI was looking for possible exploitation of CVE-2026-21962, a recently patched WebLogic vulnerability. While looking for related exploit attempts in our data, I came across the following request:
- AI Is Rewriting Compliance Controls and CISOs Must Take Notice
BleepingComputer • 2026-01-28 07:00 • www.bleepingcomputer.com
AI agents are now executing regulated actions, reshaping how compliance controls actually work. Token Security explains why CISOs must rethink identity, access, and auditability as AI becomes a digital employee. […]
https://www.bleepingcomputer.com/news/security/ai-is-rewriting-compliance-controls-and-cisos-must-take-notice/ - SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws
BleepingComputer • 2026-01-28 06:39 • www.bleepingcomputer.com
SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. […]
https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
