← Latest brief

Security news.

·Morning Brief

Today's security brief highlights a critical, actively exploited RCE vulnerability in the n8n workflow automation platform, prompting a CISA alert. Additionally, a major medical technology company, Stryker, has been impacted by an Iran-linked wiper malware attack, causing significant disruption. Developers should also be aware of a new wave of supply-chain attacks targeting the npm registry.

THNRCE
Mar 12READ

CISA Flags Actively Exploited n8n RCE Bug

CISA has added a critical remote code execution flaw, CVE-2025-68613, in the n8n workflow automation platform to its Known Exploited Vulnerabilities catalog, with approximately 24,700 instances still exposed.

BLEEPINGMALWARE
Mar 11READ

Medtech Giant Stryker Offline After Iran-linked Wiper Malware Attack

Leading medical technology company Stryker has been hit by a wiper malware attack claimed by Handala, an Iranian-linked hacktivist group, causing significant operational disruption.

BLEEPINGVULN
Mar 11READ

SQLi Flaw in Elementor Ally Plugin Impacts 250k+ WordPress Sites

An SQL injection vulnerability in Elementor's Ally WordPress plugin, with over 400,000 installations, could allow unauthenticated attackers to steal sensitive data.

BLEEPING
Mar 11READ

New PhantomRaven NPM Attack Wave Steals Dev Data via 88 Packages

The 'PhantomRaven' supply-chain campaign has launched new attacks on the npm registry, deploying dozens of malicious packages designed to exfiltrate sensitive data from JavaScript developers.

PHISHING
READ

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam

Researchers demonstrated that agentic AI browsers, like Perplexity's Comet, can be tricked into falling for phishing and scam traps by exploiting their reasoning capabilities.

KREBSPATCH
Mar 11READ

Microsoft Patch Tuesday, March 2026 Edition

Microsoft released security updates addressing 77 vulnerabilities in Windows and other software, with no zero-day flaws reported this month.

SECURITYWEEKBREACH
Mar 11READ

238,000 Impacted by Bell Ambulance Data Breach

A data breach at Bell Ambulance resulted in hackers stealing personal information, including names, Social Security numbers, and driver’s license numbers, affecting 238,000 individuals.

THN
Mar 11READ

Meta Disables 150K Accounts Linked to Southeast Asia Scam Centers

Meta disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a global crackdown, leading to 21 arrests by Thai police.

Generated twice daily from public security RSS feeds. Informational only.