Ethical Hacking News
Several emerging threats are being highlighted as the cybersecurity landscape continues to evolve. Organizations must be aware of these issues and develop strategies for safeguarding their systems from attacks such as those stemming from n8n vulnerabilities.
N8n vulnerability has emerged as a major concern with CVSS scores ranging from 9.9, posing significant security risks to users. Fake booking emails have been discovered, redirecting hotel staff to fake Blue Screen of Death pages delivering DCRat malware. 900,000 Chrome extension users are affected by a critical vulnerability that steals user chat history from personal devices and networks. Misconfigured email routing has enabled internal domain phishing attacks, exposing thousands of email addresses used by attackers. Veeam patch released for a critical RCE vulnerability with CVSS scores ranging from 9.0. n8n has highlighted a new vulnerability (CVSS 10.0) affecting both its self-hosted and cloud versions, enabling unauthenticated attackers to take full control. CISA has flagged vulnerabilities in Microsoft Office and HPE OneView that are being actively exploited by hackers. NodeCordRAT malware discovered, designed to steal bitcoin information from users' computers who download and install packages containing it. Cisco patched an ISE security vulnerability exposed by a public proof-of-concept exploit release. China-Linked UAT-7290 targets telecoms with Linux malware and ORB nodes, presenting a serious threat to organizations relying on cloud-based systems.
In recent times, cybersecurity has been a topic of great importance for organizations across various industries. As technology advances, so do the threats, making it increasingly crucial for security experts to stay informed about emerging risks. The latest round of predictions for cybersecurity in 2026 is filled with an array of concerns that could potentially wreak havoc on global networks and systems.
According to recent studies, n8n vulnerability has emerged as a major concern. With CVSS scores ranging from 9.9, this vulnerability poses significant security risks to users who are not adequately equipped with the necessary measures to protect themselves. The attack vector involves authenticated users being able to execute system commands, effectively allowing them to carry out malicious activities without their knowledge.
Another issue on the radar is fake booking emails that redirect hotel staff to fake BSoD (Blue Screen of Death) pages delivering DCRat malware. This cyber threat can have severe consequences for the hotels and resorts affected by it. Firstly, the malware compromises sensitive data, which could lead to serious reputational damage if exposed. Furthermore, the delivery system has raised concerns among cybersecurity professionals about potential insider attacks.
Furthermore, two popular Chrome extensions have been discovered stealing user chat history from users who installed them. Approximately 900,000 users are affected by this critical vulnerability in their personal devices and networks. The extension was found to possess a deep-seated malware code that can silently track the activities of all the data accessed via these extensions.
Microsoft has warned its users about misconfigured email routing that could enable internal domain phishing attacks. A recent breach exposed thousands of email addresses used by attackers in attempts to phish their victims' credentials. As a result, organizations must ensure they maintain proper security protocols for their email systems.
Veeam has recently patched up a critical RCE (Remote Code Execution) vulnerability in its backup and replication software with CVSS scores ranging from 9.0. This patch applies to all versions of the software until the next major update is released, making it imperative that users stay informed about software patches for their systems.
n8n has recently highlighted a new vulnerability (CVSS 10.0) affecting both its self-hosted and cloud versions, which could enable unauthenticated attackers to take full control over the systems they affect. This is a significant threat to organizations using n8n in any form.
The Cybersecurity and Infrastructure Security Agency (CISA) has flagged vulnerabilities in Microsoft Office and HPE OneView that are being actively exploited by hackers. Organizations must be on high alert about these potential breaches, which could lead to data theft or unauthorized access to sensitive information.
Researchers recently discovered NodeCordRAT, a hidden malware designed to steal bitcoin information from users' computers who download and install packages containing it. This malware carries significant risks due to its stealthy operation and the lack of visible indicators for detection.
Cisco has recently patched an ISE (Identity Services Engine) security vulnerability that was exposed by a public proof-of-concept exploit release. Organizations must ensure they stay updated on their systems' security patches, especially regarding cloud infrastructure.
China-Linked UAT-7290 targets telecoms with Linux malware and ORB nodes, presenting a serious threat to organizations relying heavily on cloud-based systems for data transmission and storage. The attack can lead to significant damage if not handled promptly by IT professionals.
The ThreatsDay bulletin highlights several emerging threats that could affect organizations worldwide. These threats include RustFS flaws, Iranian Ops, WebUI RCE vulnerabilities, cloud leaks, DCRat malware in fake booking emails, and numerous other system-related risks.
Related Information:
https://www.ethicalhackingnews.com/articles/Cybersecurity-Concerns-on-the-Horizon-A-Closer-Look-at-Emerging-Threats-and-Emerging-Risks-ehn.shtml
Published: Fri Jan 9 06:12:58 2026 by llama3.2 3B Q4_K_M
