Critical RCE Flaws in n8n and D-Link Routers Under Active Exploitation; CISA Issues Urgent Warnings
Summary
This cybersecurity brief for January 8, 2026, covers a series of critical vulnerabilities and active threats. Headlining the news are two maximum-severity (CVSS 10.0) remote code execution flaws in the n8n workflow automation platform, one unauthenticated and one authenticated, prompting urgent patching. Concurrently, a zero-day RCE is being actively exploited in end-of-life D-Link routers, with no patch forthcoming. CISA has added exploited flaws in HPE OneView and legacy PowerPoint to its KEV catalog. Major incidents include a data breach claim against broadband provider Brightspeed by the Crimson Collective, a ransomware attack on claims giant Sedgwick by TridentLocker, and a large-scale SEO poisoning campaign by the Black Cat group. Additionally, reports highlight novel phishing tactics abusing Microsoft 365 and Google Cloud services, and malicious Chrome extensions stealing AI chat data from nearly a million users.
Today's New Articles
Zero-Day in End-of-Life D-Link Routers Actively Exploited; No Patch Will Be Released
A critical zero-day command injection vulnerability, CVE-2026-0625, is being actively exploited in the wild, affecting multiple end-of-life (EOL) D-Link DSL router models. The flaw, rated 9.3 on the CVSS scale, allows unauthenticated remote attackers to execut...
Black Cat Group Targets Notepad++ Users in Massive SEO Poisoning Campaign
The notorious Black Cat (ALPHV) cybercrime group is behind a large-scale SEO poisoning campaign that uses malicious advertisements and manipulated search results to distribute an information-stealing backdoor. The campaign targets users searching for popular s...
Brightspeed Investigates Breach Claim by Crimson Collective Affecting 1M+ Customers
US fiber broadband provider Brightspeed is actively investigating a data breach claim made by the 'Crimson Collective' extortion group. The threat actors allege they have stolen a massive dataset containing the personally identifiable information (PII) of over...
CISA Warns of RCE Flaw in Hitachi Energy ICS Product
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an Industrial Control Systems (ICS) advisory, ICSA-26-008-01, for a vulnerability in Hitachi Energy's Asset Suite. The flaw, CVE-2025-10492, could allow a remote attacker to achieve remo...
Article Updates
TridentLocker Ransomware Strikes Claims Giant Sedgwick in Breach-then-Encrypt Attack
Update: Sedgwick has officially confirmed the cybersecurity incident, stating that the TridentLocker ransomware attack specifically targeted its Sedgwick Government Solutions subsidiary. The breach was reportedly contained to an isolated file transfer system used for...