A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep
January 07, 2026
7:23
1.19 MB ( 5.01 MB less)
Downloads: 0
A phishing campaign with QR codes rendered using an HTML table
Phishing emails are bypassing filters by encoding QR codes as HTML tables.
https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%20table/32606
n8n vulnerabilities
In recent days, several new n8n vulnerabilities were disclosed. Ensure that you update any on-premises installations and carefully consider what to use n8n for.
https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858
https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg
Power bank feature creep is out of control
Simple power banks are increasingly equipped with advanced features, including networking, which may expose them to security risks.
https://www.theverge.com/tech/856225/power-banks-are-the-latest-victims-of-feature-creep