Harmonic Security Raises $17.5M Series A to Accelerate Zero-Touch Data Protection to Market

Blog

Byadmblake March 28, 2025

Post Content

Blog

Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Cybersecurity researchers have disclosed two new security flaws in the n8n workflow automation platform, including a crucial vulnerability that could result in remote code execution. The weaknesses, discovered by the JFrog Security Research team, are listed below – CVE-2026-1470 (CVSS score: 9.9) – An eval injection vulnerability that could allow an authenticated user to bypass…

Read More Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution
Blog

Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks. The vulnerabilities are listed below – CVE-2025-38352 (CVSS score: 7.4) – A privilege escalation flaw in the Linux Kernel…

Read More Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack
Blog

APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks

The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenamed Operation Neusploit. Zscaler ThreatLabz said it observed the hacking group weaponizing the shortcoming on January 29, 2026, in attacks targeting users in Ukraine, Slovakia, and…

Read More APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
Blog

Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It’s tracking the activity under the name Erudite Mogwai….

Read More Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware
Blog

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

An Iranian state-sponsored hacking group associated with the Islamic Revolutionary Guard Corps (IRGC) has been linked to a spear-phishing campaign targeting journalists, high-profile cyber security experts, and computer science professors in Israel. “In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who posed as fictitious assistants to

Read More Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks
Blog

SonicWall Firewall Backups Stolen by Nation-State Actor

The network security vendor said the MySonicWall breach was unrelated to the recent wave of Akira ransomware attacks targeting the company’s devices.

Read More SonicWall Firewall Backups Stolen by Nation-State Actor

Related