• Cybersecurity researchers have disclosed details of two now-patched security flaws in the n8n workflow automation platform, including two critical bugs that could result in arbitrary command execution. The vulnerabilities are listed below – CVE-2026-27577 (CVSS score: 9.4) – Expression sandbox escape leading to remote code execution (RCE) CVE-2026-27493 (CVSS score: 9.5) – Unauthenticated

  • Meta on Wednesday said it disabled over 150,000 accounts associated with scam centers in Southeast Asia as part of a coordinated effort in partnership with authorities from Thailand, the U.S., the U.K., Canada, Korea, Japan, Singapore, the Philippines, Australia, New Zealand, and Indonesia. The effort also led to 21 arrests made by the Royal Thai Police, the company said. The action builds upon

  • UNC6426 hackers turned a routine NPM update into a direct path to full AWS administrator access in under 72 hours, highlighting how fragile CI/CD-to-cloud trust can become when roles are overly permissive. When a developer at the victim organization updated or installed the affected package via a code editor plugin, the postinstall script silently executed […]

    The post UNC6426 Hackers Exploit NPM Package to Gain AWS Admin Access in 72 Hours appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • This week in cybersecurity from the editors at Cybercrime Magazine

    Sausalito, Calif. – Mar. 11, 2026

    Fergus Hay is the CEO & co-founder of The Hacking Games, a recruitment tech platform that uses AI to identify gamers whose skills can be transferred to ethical hacking and cybersecurity roles.

    Hay joined Cybercrime Magazine Podcast hosts Paul John Spaulding, Kyle Haglund, and Sam White on the latest episode of CTRL, ALT, HACKED to discuss his company, what inspired the creation of it, why ethical hackers are valuable, and more.

    The Hacking Games is enabling the cybersecurity industry to hire unconventional talent to fill its labor deficit by using entertainment, social media and online communities to acquire GenZ talent, and a bespoke AI platform to skills match candidates to jobs.

    “Built for the ones who never fit in” is The Hacking Games’ tag. If you’re young and don’t fit in, then you might want to explore a career in cybersecurity.

    The post The Hacking Games Is Recruiting GenZ Talent To Create A Generation Of Cyber Fighters appeared first on Cybercrime Magazine.

  • SAP has released security updates to address two critical security flaws that could be exploited to achieve arbitrary code execution on affected systems. The vulnerabilities in question are listed below – CVE-2019-17571 (CVSS score: 9.8) – A code injection vulnerability in SAP Quotation Management Insurance application (FS-QUO) CVE-2026-27685 (CVSS score: 9.1) – An insecure deserialization

  • Microsoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used productivity software. With a base CVSS score of 8.4, the flaw demands immediate attention from […]

    The post Critical Vulnerability in Microsoft Office Allows Malicious Code to Run Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

  • Aryaka researchers have identified a new threat from a Russian-speaking group using ‘BlackSanta’ malware. By disguising attacks as job applications, hackers are bypassing security to target recruitment workflows.

  • The State Department has shifted the model underpinning its internal chatbot, StateChat, from Anthropic’s Claude Sonnet 4.5 to OpenAI’s GPT-4.1, according to an internal document obtained by Nextgov/FCW.

    The document also indicates that less data is available to StateChat users, at least temporarily. The new model has only been trained on data through May 2024. The Claude-powered version of StateChat was trained on data as recent as June 2025, a source familiar with the situation told Nextgov/FCW. The person spoke on the condition of anonymity to provide details about the model’s training data.

    The document also shows that State employees using a customGPT setup running on Claude were asked to move to a non-Anthropic tool by March 6.

    The switch comes after President Trump's Feb. 27 directive ordering government agencies to evict Anthropic tools from their systems. 

    “In line with the president’s direction to cancel Anthropic contracts, Anthropic’s Claude models are no longer available on the Department’s enterprise generative AI platform,” a State Department spokesperson told Nextgov/FCW. “The department is taking all necessary steps to implement the directive and bring our programs into full compliance.”

    Reuters previously reported directives in multiple agencies, including State, requiring switches from Claude to ChatGPT.

    Claude was initially made available for federal agency operations as part of the General Services Administration’s OneGov deal that brokered favorable software rates for the government, many for a temporary period of time.  

    Following the governmentwide ban of Anthropic technology, the company filed two lawsuits Monday. One, filed in the D.C. circuit court, invokes provisions in the Federal Acquisition Supply Chain Security Act of 2018 as rationale against the government’s designation of Anthropic as a supply chain risk.

    The second, filed in the U.S. District Court in the Northern District of California, names dozens of federal agencies and officials as defendants in allegations of inappropriate retaliation against Anthropic and calls for an injunction. 

  • “You knew, and you could have acted. Why didn’t you?”  This is the question you do not want to be asked. And increasingly, it’s the question leaders are forced to answer after an incident. For years, many executive teams and boards have treated a large vulnerability backlog as an uncomfortable but tolerable fact of life: “we’ve accepted the risk.” If you’ve ever seen a report showing

  • A widespread technical outage has struck Instagram, leaving thousands of users globally unable to access the popular social media application. The disruption, which primarily impacted users in the United States, represents a significant service degradation for Meta’s infrastructure. While the company has not yet released an official statement regarding the root cause, the scale of […]

    The post Instagram Down: Global Outage Prevents Users from Posting and Messaging appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
