*Sans Internet Storm Center Stormcast* Podcast Highlights Critical Cybersecurity Threats and Vulnerabilities (January 8, 2026)

8 Jan 2026

CybersecurityVulnerabilitiesPhishingIoTPodcastRemoteCodeExecutionHTMLPhishingAIAutomationNetworkSecurity

The Sans Internet Storm Center Stormcast podcast from January 8, 2026, hosted by Johannes Ullrich in Jacksonville, Florida, covers several recent vulnerabilities and attack techniques. Yan reports on a phishing campaign using QR codes encoded as HTML tables in emails, bypassing filtering solutions that typically scan images. Four critical vulnerabilities were identified in N8N (an automation tool with AI agents), including one enabling unauthenticated remote code execution (CVE unspecified, described as a "nightmare"). An update for UniFi Protect fixes an RCE flaw exploitable from an adjacent network, linked to a non-routable discovery protocol. The podcast also highlights a trend of adding network features (Wi-Fi, screens) to power banks, increasing IoT risks. Additionally, a technical bug affecting the audio file's broadcast is mentioned.

Sans Internet Storm Center Stormcast Podcast Highlights Critical Cybersecurity Threats and Vulnerabilities (January 8, 2026)

Sans Internet Storm Center Stormcast Podcast Highlights Critical Cybersecurity Threats and Vulnerabilities (January 8, 2026)