InfoSec News 29JAN2026
General
- Apparently, there are enough exposed LLM servers on the Internet, to make a viable business. Scan the Internet, find unsecured Ollama/vLLM/OpenAI-compatible endpoints, test, then re-sell access.
- Moltbot (formerly Clawdbot) has rapidly gained popularity as a self-hosted AI assistant (commonly hooked up to commercial LLM's, with Claude an obvious target). Unfortunately, a lot of these installations are being exposed on the Internet.
- High-quality code from SolarWinds - their "Web Help Desk IT" software has multiple low-complexity, unauthenticated, remote code execution (RCE) vulnerabilities, and a second hard-coded credentials vulnerability (after an earlier one in 2024). Perhaps a decent secure software development lifecycle might help?
- The RAMP forum has been taken down by the FBI. RAMP was designed to be a safe space for ransomware, after ransomware was kicked from the Exploit and XSS forums (in the wake of the Colonial Pipeline attack, and the attention it garnered).
- More vulnerabilities in the N8N workflow automation platform, kicking off with a 9.9 rated bug.
Following earlier vulnerability disclosures, n8n strengthened its JavaScript sandbox and, for the Python Code node, introduced a new “task-runner” option along with additional sandbox hardening measures. Despite these improvements, our research team was able to bypass these protections, demonstrating that even robust sandboxing mechanisms can be circumvented.
In both cases, exploitation resulted in remote code execution (RCE) by abusing gaps in the AST sanitization logic. Attackers that are able to create n8n workflows can exploit these vulnerabilities and easily achieve full remote code execution on the host running the n8n service. The vulnerabilities were applicable on n8n’s cloud platform and are still applicable on any self-hosted deployment of n8n which is running an unpatched version.
- https://research.jfrog.com/post/achieving-remote-code-execution-on-n8n-via-sandbox-escape/
- https://www.bleepingcomputer.com/news/security/new-sandbox-escape-flaw-exposes-n8n-instances-to-rce-attacks/
- A little-known antivirus vendor - eScan by MicroWorld Technologies - had their update infrastructure compromised to deliver malware. There's a dispute whether MicroWorld detected it before a report from Morphisec.
MicroWorld are downplaying the attack, however it poses an interesting question - how was the attacker able to upload an executable that was installed and run, as part of an update?
Unauthorized access to one of our regional update server configurations resulted in an incorrect file (patch configuration binary/corrupt update) being placed in the update distribution path
While the modified Reload.exe is signed with what appears to be eScan's code-signing certificate, both Windows and VirusTotal show the signature as invalid.
- https://www.bleepingcomputer.com/news/security/escan-confirms-update-server-breached-to-push-malicious-update/
- https://www.morphisec.com/blog/critial-escan-threat-bulletin/
- Spammers have found the next legitimate service to abuse, to send phishing emails to users - PowerBI. Not the first service abused like this, won't be the last.
- [AU] NSW departments have 24 hours to report security incidents to Cyber Security NSW.
As part of reforms effective August last year, NSW departments and agencies are now subject to mandatory incident reporting.
Now, incidents must be reported to Cyber Security NSW within 24 hours of their detection and classification for timely escalation and visibility across government.
...
Agencies are also required to develop a lifecycle management plan for all "Crown Jewel" ICT assets, from software, operational technology, internet of things to cloud, under Directive DCS-2025-04, by June 30 this year.
- https://www.itnews.com.au/news/nsw-to-overhaul-state-cyber-emergency-plan-623220
- https://www.digital.nsw.gov.au/preview-link/node/821/074c47c0-7021-4a41-82ad-76dbd535b44e
- [US] A dark web marketplace admin has plead guilty, for running "Kingdom Market". Despite being arrested in December 2023, the plea agreement has only recently been announced, with sentencing set to occur in May (jail: 5-40 years, up to $5m fine).
- [US] More dark web marketplace guilty pleas - the administrators of the "Empire Market" (an AlphaBay clone). Sentencing set to occur in June).
Crime pays, but justice catches up with you. At current prices 1BTC ~= US$90k, so 1230BTC~=US$110m, 1584BTC~=US$143m.
Hamilton agreed to forfeit certain ill-gotten proceeds, including, among things, approximately 1,230 bitcoin and 24.4 Ether, as well as three properties in Virginia.
...
Pavey agreed to forfeit certain ill-gotten proceeds, including, among things, approximately 1,584 bitcoin, two boxes containing 25-ounce gold bars, three automobiles, and two properties in Florida.
- https://www.justice.gov/usao-ndil/pr/co-creator-dark-web-marketplace-pleads-guilty-chicago-drug-conspiracy-charge
- https://www.bleepingcomputer.com/news/security/empire-cybercrime-market-owner-pleads-guilty-to-drug-conspiracy/
- [US] The Federal Trade Commission is pushing for more online age verification. He also seemed to miss the irony of complaining "the last thing they need is to have their kids’ data harvested and monetized by multibillion dollar tech companies", whilst also calling for AI to profile users "Behavioral age verification … strikes me as one of the best use cases for artificial intelligence, Machine learning can help detect patterns in browsing and usage behavior that consistently indicate whether a user is too young to be on the platform."
“Age verification offers a better way — it offers a way to unleash American innovation without compromising the health and well-being of America's most important resource: its children,” Meador said in a speech at an agency-hosted age verification workshop. “It is a tool that empowers rather than replaces America's parents — really, I don't know that we can afford to forego it.”
Getting Techy
- There was a bug in Instagram, that sometimes revealed private posts. Responsible disclosure was rather rocky - the bus was fixed, but the report marked as "Not Applicable".
- Kaspersky have observed a new version of the CoolClient backdoor, being used by chinse threat actors (Mustang Panda / HoneyMyte / Bronze President / Funky Fanblade). It has all the features you'd expect of this kind of RAT. DLL sideloading to run, encrypted loaders and configuration files. Interesting item was that it not only extracts HTTP Proxy authentication from raw traffic, it also sends these back to the C2.
AI
- OpenAI has set the initial pricing for advertising on the platform - doesn't sound cheap.
OpenAI plans to charge up to $60 per 1,000 views for ChatGPT ads, which is on par with live NFL broadcasts.
- AWS bungles notifications, as part of its Project Dawn plan to replace some employees with AI.
The email sent on Tuesday signed by Colleen Aubrey, senior vice president of applied AI solutions at AWS, wrongly said that impacted employees in the U.S., Canada and Costa Rica had already been informed they lost their jobs.