DiscoverSANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

Update: 2026-01-08
Share

Description



A phishing campaign with QR codes rendered using an HTML table

Phishing emails are bypassing filters by encoding QR codes as HTML tables.

https://isc.sans.edu/diary/A%20phishing%20campaign%20with%20QR%20codes%20rendered%20using%20an%20HTML%20table/32606

n8n vulnerabilities

In recent days, several new n8n vulnerabilities were disclosed. Ensure that you update any on-premises installations and carefully consider what to use n8n for.

https://www.cyera.com/research-labs/ni8mare-unauthenticated-remote-code-execution-in-n8n-cve-2026-21858

https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg

Power bank feature creep is out of control

Simple power banks are increasingly equipped with advanced features, including networking, which may expose them to security risks.

https://www.theverge.com/tech/856225/power-banks-are-the-latest-victims-of-feature-creep
Comments 
loading
In Channel
SANS Stormcast Monday, February 16th, 2026: Graph Generator; nslookup and clickfix; Chrome 0-Day; TURN Threats

SANS Stormcast Monday, February 16th, 2026: Graph Generator; nslookup and clickfix; Chrome 0-Day; TURN Threats

2026-02-1606:00

SANS Stormcast Friday, February 13th, 2026: SSH Bot; OpenSSH MacOS Change; Abused Employee Monitoring

SANS Stormcast Friday, February 13th, 2026: SSH Bot; OpenSSH MacOS Change; Abused Employee Monitoring

2026-02-1305:43

SANS Stormcast Thursday, February 12th, 2026: WSL in Malware; Apple and Adobe Patches

SANS Stormcast Thursday, February 12th, 2026: WSL in Malware; Apple and Adobe Patches

2026-02-1206:09

SANS Stormcast Wednesday, February 11th, 2026: Microsoft Patch Tuesday; Secure Boot Updates; Fake 7-Zip; FortiSlob

SANS Stormcast Wednesday, February 11th, 2026: Microsoft Patch Tuesday; Secure Boot Updates; Fake 7-Zip; FortiSlob

2026-02-1107:54

SANS Stormcast Tuesday, February 10th, 2026: Extracting URLs; Singal Phishing; Ivanti PoC; BeyondTrust RCE; Forticlient SQL Inection

SANS Stormcast Tuesday, February 10th, 2026: Extracting URLs; Singal Phishing; Ivanti PoC; BeyondTrust RCE; Forticlient SQL Inection

2026-02-1004:30

SANS Stormcast Monday, February 9th, 2026: Azure Vulnerabilties; AI Vulnerability Discovery; GitLab AI Gateway Vuln

SANS Stormcast Monday, February 9th, 2026: Azure Vulnerabilties; AI Vulnerability Discovery; GitLab AI Gateway Vuln

2026-02-0905:23

SANS Stormcast Friday, February 6th, 2026: Broken Phishing; n8n vulnerability; Android Update; Watchguard Firebox LDAP Injection

SANS Stormcast Friday, February 6th, 2026: Broken Phishing; n8n vulnerability; Android Update; Watchguard Firebox LDAP Injection

2026-02-0604:42

SANS Stormcast Thursday, February 5th, 2026: Malicious Scripts; Synectix Vuln; Google Chrome; Google Looker;

SANS Stormcast Thursday, February 5th, 2026: Malicious Scripts; Synectix Vuln; Google Chrome; Google Looker;

2026-02-0506:17

SANS Stormcast Wednesday, February 4th, 2026: Detecting OpenClaw; Synology telnetd Patch; More GlassWorm

SANS Stormcast Wednesday, February 4th, 2026: Detecting OpenClaw; Synology telnetd Patch; More GlassWorm

2026-02-0404:56

SANS Stormcast Tuesday, February 3rd, 2026: Scanning for AI; Notepad++ Compromise; OpenClaw Vulnerabilities

SANS Stormcast Tuesday, February 3rd, 2026: Scanning for AI; Notepad++ Compromise; OpenClaw Vulnerabilities

2026-02-0306:25

SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy

SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy

2026-02-0207:15

SANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates

SANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates

2026-01-3006:19

SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches

SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches

2026-01-2906:01

SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

2026-01-2807:38

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

2026-01-2705:50

SANS Stormcast Monday, January 26th, 2026: FortiOS SSO Vuln Updates; Outlook OOB Update; VMware vCenter Exploited

SANS Stormcast Monday, January 26th, 2026: FortiOS SSO Vuln Updates; Outlook OOB Update; VMware vCenter Exploited

2026-01-2604:21

SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability

SANS Stormcast Friday, January 23rd, 2026: Scanning AI Code; FortiGate Update; ISC BIND DoS; Trivial SmaterMail Vulnerability

2026-01-2307:03

SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS SOC Survey

SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS SOC Survey

2026-01-2206:33

SANS Stormcast Wednesday, January 21st, 2026: Punycode Hunting; telnetd vuln; 6 day Certs and IP Certs; Oracle Patches

SANS Stormcast Wednesday, January 21st, 2026: Punycode Hunting; telnetd vuln; 6 day Certs and IP Certs; Oracle Patches

2026-01-2106:44

SANS Stormcast Tuesday, January 20th, 2026: Scans Against LLMs; NTLM Rainbow Table; OOB MSFT Patch

SANS Stormcast Tuesday, January 20th, 2026: Scans Against LLMs; NTLM Rainbow Table; OOB MSFT Patch

2026-01-2006:00

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; n8n vulnerability; Powerbank Feature Creep

Dr. Johannes B. Ullrich