Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.
darkreading – Read More
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data.
darkreading – Read More
In Chile, cybersecurity compliance is becoming an operational issue, not just a legal one. Under the new Cybersecurity Framework Law, organizations must show they have real capabilities for threat detection, incident analysis, and response. For many teams, that exposes a serious gap between regulatory expectations and day-to-day security operations.
Chile has taken a decisive step toward strengthening its national cybersecurity posture with the approval of Law No. 21.663 – the Cybersecurity Framework Law. This legislation establishes mandatory cybersecurity obligations for organizations classified as:
Unlike traditional compliance frameworks that focus on policies and documentation, Chile’s approach is outcome-driven and risk-based. Organizations must demonstrate real operational capabilities– not just checkbox compliance. With enforcement and audits ramping up through 2025-2026, the compliance window is closing fast.
The scope is broad. An estimated 915 organizations across energy, telecommunications, banking and financial services, digital infrastructure, healthcare, and public institutions must now prove their cybersecurity readiness.
Chile’s Cybersecurity Framework Law does not mandate specific tools, but it does set clear expectations for operational readiness. Regulated organizations are expected to have the following:
Effective threat detection: Identify malicious activity before it causes damage
Timely incident analysis and response: Understand what happened, how, and what to do
Continuous risk management: Adapt defenses as the threat landscape evolves
Evidence-based reporting: Provide detailed, defensible reports to Chile’s national CSIRT and regulatory authorities
Regulated entities must permanently apply technical and organizational measures to prevent, report, and resolve cybersecurity incidents in line with ANCI protocols and sector-specific standards. They must also report significant cyberattacks and incidents to the national CSIRT under a defined timeline.
For operators of vital importance, requirements are stricter. They must run a continuous information security management system, document security actions, and maintain certified cybersecurity and continuity plans, reviewed at least every two years.
They are also expected to conduct regular exercises, implement rapid containment measures, train staff, and appoint an independent cybersecurity delegate with direct access to top management and formal responsibility for coordination with ANCI.
The reporting timelines are especially important for CISOs, SOC leaders, and MSSPs serving regulated clients. The law requires an early warning within three hours after learning of a significant incident, an updated report within 72 hours, and a final report within 15 days.
If the affected entity is an OIV and the incident disrupts its essential service, the second report deadline tightens to 24 hours. OIVs must also communicate a formal action plan within seven days.
The key shift is simple: the law focuses less on documented intent and more on proven capability. It is not enough to say controls are in place. Organizations need to show they can investigate suspicious activity, confirm whether a threat is real, and support response decisions with evidence.
That changes the standard for security teams. Alerts alone are not enough. Teams need visibility, faster analysis, and a reliable investigation trail they can stand behind during reporting, audits, and post-incident review.
The legal exposure is serious. Minor infringements can be fined up to 5,000 UTM, serious infringements up to 10,000 UTM, and very serious infringements up to 20,000 UTM. For operators of vital importance, those maximums double to 10,000, 20,000, and 40,000 UTM respectively.
For leadership, the business risk goes beyond the fine itself. When teams cannot investigate suspicious activity quickly, explain what happened, or produce defensible incident evidence, the result can be longer disruption, slower communication with authorities, and more exposure during audits. That is why this law should not be treated as only a legal issue. It is also a detection, response, and operational-readiness issue.
For SOCs and incident response teams across Chile, the new requirements create significant operational pressure:

Chilean organizations are facing the same challenge plaguing SOCs globally: too many alerts, not enough time to investigate them properly. SOC teams are drowning in noise from SIEM and EDR platforms, struggling to separate real threats from false positives.
The cybersecurity skills gap is acute in Latin America. According to industry data, LATAM experiences approximately 2,716 cyberattacks per organization per week, significantly above the global average. Yet there aren’t enough trained analysts to keep pace with investigation demands.
Many sandbox solutions provide a verdict, but limited visibility into how the threat behaves or why it matters. When regulators ask for detailed incident reports, security teams need more than a malicious or benign label. They need evidence, context, and a clearer view of the attack chain.
Attackers targeting Latin America, particularly Chile’s banking and financial sectors, are deploying region-specific malware families like Mekotio, Grandoreiro, and Casbaneiro. These threats use novel evasion techniques specifically designed to bypass legacy detection systems.
Under Chile’s new framework, security gaps are no longer just technical weaknesses. They can become compliance failures, reporting delays, and broader business risks. ANY.RUN helps organizations close those gaps with stronger threat visibility, faster analysis, and more defensible response workflows.
One of the hardest parts of compliance is knowing which threats deserve immediate attention. Security teams already deal with large volumes of alerts, but the new law raises the need for monitoring that is not only active, but relevant to actual business risk.
ANY.RUN’s Threat Intelligence Lookup helps teams focus on threats that matter most to their environment. Rather than treating threat intelligence as just another dataset, it works as an operational layer that connects threat context with prioritization and action across the SOC lifecycle. Instead of relying only on generic indicators, organizations can investigate threats through industry- and geo-specific context.
For example, a query such as submissionCountry:”CL” AND industry:”banking” can help teams understand what is actively targeting Chile’s financial sector. This gives analysts faster context for triage, supports continuous risk management, and helps organizations build monitoring around real threats rather than assumptions.

With this approach, organizations can:
Threat visibility is only the first step. Once a suspicious file, URL, or email is detected, teams still need to understand what it actually does, how serious it is, and what actions should follow.
ANY.RUN’s Interactive Sandbox helps security teams investigate threats through real behavioral analysis. Instead of receiving only a verdict, analysts can observe malicious activity as it unfolds, understand the attack chain, extract indicators, and see the broader context of the incident. This makes it easier to validate threats faster, support containment decisions, and produce clearer evidence for reporting, audits, and post-incident review.

In practice, this allows organizations to:
Meeting regulatory expectations also depends on how quickly security teams can move from detection to action. When threat data stays locked in separate tools or requires manual handling, triage slows down, response becomes less consistent, and reporting gets harder under tight deadlines.
ANY.RUN helps reduce that friction by connecting threat intelligence and sandbox analysis directly to existing security workflows through ready-made connectors, STIX/TAXII, and API/SDK options. This allows teams to move investigation data into SIEM, SOAR, EDR, and TIP environments faster, so enrichment, correlation, and response can happen with less manual effort.

Threat Intelligence Feeds continuously deliver high-confidence malicious indicators sourced from live attack investigations across 15,000 organizations and 600,000 analysts, helping teams work with fresh threat data instead of static lists.
This gives organizations the ability to:
Security teams also need confidence that sensitive analyses can be handled in a controlled environment that supports internal governance, confidentiality, and audit readiness. That is especially important for organizations working under stricter reporting obligations and higher regulatory scrutiny.
ANY.RUN supports that need with SOC 2 Type II attested security and private, access-controlled sandbox analysis designed for confidential investigations.
ANY.RUN’s private sandbox sessions remain confidential through strict access controls and encrypted data processing, helping organizations investigate threats without exposing case data to the public community. For leadership, this matters because improving detection and response is not enough on its own. The investigation environment also needs to meet enterprise expectations for security, privacy, and operational reliability.
This becomes especially valuable when incidents involve sensitive internal files, regulated environments, or investigations that may later be reviewed by auditors, executives, or external authorities. With stronger privacy controls around analysis data, organizations can reduce the risk of accidental exposure while giving security teams a safer way to investigate suspicious activity and preserve a defensible trail of evidence.
ANY.RUN, a leading provider of interactive malware analysis and threat intelligence solutions, helps security teams investigate threats faster and with greater clarity across modern enterprise environments.
It allows teams to safely execute suspicious files and URLs, observe real behavior in an Interactive Sandbox, enrich indicators with immediate context through TI Lookup, and monitor emerging malicious infrastructure using Threat Intelligence Feeds. Together, these capabilities help reduce investigation uncertainty, accelerate triage, and limit unnecessary escalations across the SOC.
The law raises the standard from having policies on paper to proving operational readiness in practice. It sets minimum requirements for preventing, containing, resolving, and responding to cyber incidents, creates ANCI as the national authority, and gives regulators a clearer basis for oversight and sanctions. In practice, that means leadership teams need confidence that detection, investigation, reporting, and continuity measures will hold up under pressure.
The law applies to providers of essential services and to entities designated as Operators of Vital Importance, or OIVs. The covered sectors include areas such as energy, water, telecom, digital infrastructure, transport, banking and payments, postal services, and healthcare, while ANCI has the power to formally qualify OIVs.
At a minimum, regulated entities must permanently apply measures to prevent, report, and resolve incidents. For OIVs, the bar is higher: they must run a continuous information security management system, maintain records of security actions, implement and review continuity and cybersecurity plans, carry out ongoing reviews and exercises, train staff, and appoint a cybersecurity delegate who reports upward.
Because the reporting clock starts quickly. The law requires an early alert within 3 hours of learning about a significant incident, an update within 72 hours, and a final report within 15 days. If an OIV’s essential service is affected, the update deadline tightens to 24 hours, and OIVs must also adopt an action plan within 7 days. For leadership, this makes delayed investigation a business risk, not just a technical issue.
No. It does not prescribe named products. What it does require is that organizations can prevent, report, and resolve incidents, follow ANCI protocols and standards, and support continuity and incident handling with real operational capability. That is why the focus for leadership should be less on tool count and more on whether teams can investigate, decide, and report fast enough when it matters.
Because the law is built around response, reporting, and oversight. ANCI can require information needed to understand incidents, supervise compliance, and enforce sanctions, while the law also emphasizes continuity, risk management, and documented actions. For leadership teams, that makes clear evidence and a defensible investigation trail part of compliance readiness.
The post Chile’s Cybersecurity Framework Law: How SOCs Achieve Compliance and Response Readiness appeared first on ANY.RUN’s Cybersecurity Blog.
ANY.RUN’s Cybersecurity Blog – Read More
Congress is set to take up the reauthorization of a divisive program that lets U.S. spy agencies pore over foreigners’ calls, texts and emails.
The post Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections appeared first on SecurityWeek.
SecurityWeek – Read More
Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems.
The post $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks appeared first on SecurityWeek.
SecurityWeek – Read More
If your office works remotely in any way, you’ll need reliable internal communication tools to keep information flowing smoothly and everyone on the same page.
Latest news – Read More

AI workflow automation platforms such as Zapier and n8n are primarily used to connect different software applications (e.g., Slack, Google Sheets, or Gmail) with AI models (e.g., OpenAI’s GPT-4 or Anthropic’s Claude). These platforms have been applied to different application domains, including cybersecurity over the past few months, especially with the progress that has been made in new avenues like large language models (LLMs) and agentic AI systems. However, much like other legitimate tools, AI workflow automation platforms can be weaponized to orchestrate malicious activities, like delivering malware by sending automated emails.
This blog describes how n8n, one of the most popular AI workflow automation platforms, has been abused to deliver malware and fingerprint devices by sending automated emails.
N8n is a workflow automation platform that connects web applications and services (including Slack, GitHub, Google Sheets, and others with HTTP-based APIs) and builds automated workflows. A community-licensed version of the platform can be self-hosted by organizations. The commercial service, hosted at n8n.io, includes AI-driven features that can create agents capable of using web-based APIs to pull data from documents and other data sources.
Users can register for an n8n developer account at no initial charge. Doing so creates a subdomain on “tti.app.n8n[.]cloud” from which the user’s applications can be accessed. This is similar to many web-based AI-aided development tools, and one that malicious actors have harnessed elsewhere in the past; earlier this year, Talos observed another AI-oriented web application service, Softr.io, being used for the creation of phishing pages used in a series of targeted attacks.
Talos’ investigation found that a primary point of abuse in n8n’s AI workflow automation platform is its URL-exposed webhooks. A webhook, often referred to as a “reverse API,” allows one application to provide real-time information to another. These URLs register an application as a “listener” to receive data, which can include programmatically pulled HTML content. An example of an n8n webhook URL is shown in Figure 1.

When the URL receives a request, the subsequent workflow steps are triggered, returning results as an HTTP data stream to the requesting application. If the URL is accessed via email, the recipient’s browser acts as the receiving application, processing the output as a webpage.
Talos has observed a significant rise in emails containing n8n webhook URLs over the past year. For example, the volume of these emails in March 2026 was approximately 686% higher than in January 2025. This increase is driven, in part, by several instances of platform abuse, including malware delivery and device fingerprinting, as we will discuss in the next sections.

Because webhooks mask the source of the data they deliver, they can be used to serve payloads from untrusted sources while making them appear to originate from a trusted domain. Furthermore, since webhooks can dynamically serve different data streams based on triggering events — such as request header information — a phishing operator can tailor payloads based on the user-agent header.

Talos observed a phishing campaign (shown in Figure 3) that used an n8n-hosted webhook link in emails that purported to be a shared Microsoft OneDrive folder. When clicked, the link opened a webpage in the targeted user’s browser containing a CAPTCHA.

Once the CAPTCHA is completed, a download button appears, triggering a progress bar as the payload is downloaded from an external host. Because the entire process is encapsulated within the JavaScript of the HTML document, the download appears to the browser to have come from the n8n domain.

In this case, the payload was an .exe file named “DownloadedOneDriveDocument.exe” that posed as a self-extracting archive. When opened, it installed a modified version of the Datto Remote Monitoring and Management (RMM) tool and executed a chain of PowerShell commands.

The PowerShell commands generated by the malicious executable extract and configure the Datto RMM tool, configure it as a scheduled task, and then launch it, establishing a connection to a relay on Datto’s “centrastage[.]net” domain before deleting themselves and the rest of the payload.

Talos observed a similar campaign that also utilized an n8n webhook to deliver a different payload. Like the previous instance, it featured a self-contained phishing page delivered as a data stream from the webhook, protected with a CAPTCHA for human verification.

This CAPTCHA code was significantly simpler than the first case. The payload delivered upon solving the CAPTCHA was a maliciously modified Microsoft Windows Installer (MSI) file named “OneDrive_Document_Reader_pHFNwtka_installer.msi”. Protected by the Armadillo anti-analysis packer, the payload deployed a different backdoor: the ITarian Endpoint Management RMM tool. When executed by “msiexec.exe”, the file installs a modified version of the ITarian Endpoint RMM, which acts as a backdoor while running Python modules to exfiltrate information from the target’s system. During this process, a fake installer GUI displays a progress bar; once finished, the bar resets to 0% and the application exits, creating the illusion of a failed installation.
Talos observed another common abuse case: device fingerprinting. This is achieved by embedding an invisible image (or tracking pixel) within an email. For example, when the <img> HTML tag is used, it tells the email client (e.g., Outlook or Gmail) to fetch an image from a specific URL. Figure 9 shows an example spam email in the Spanish language that leverages this technique.

When the email client attempts to load the image, it automatically sends an HTTP GET request to the specified address, which is an n8n webhook URL. These URLs include tracking parameters (such as the victim’s email address), allowing the server to identify exactly which user opened the email. Also, it is clear how this image is made invisible by using the “display” and “opacity” CSS properties.

The second example below uses the same technique to track email opens and fingerprint the recipient’s device. Here, the sender tries to get a hold of recipient by introducing a new gift card feature.


The same workflows designed to save developers hours of manual labor are now being repurposed to automate the delivery of malware and fingerprinting devices due to their flexibility, ease of integration, and seamless automation. As we continue to leverage the power of low-code automation, it’s the responsibility of security teams to ensure these platforms and tools remain assets rather than liabilities.
Because several AI automation platforms exist today that are inherently designed to be flexible and trustworthy, the security community must move beyond simple static analysis to effectively counter their abuse. For instance, instead of blocking entire domains, which would disrupt legitimate business workflows, security researchers should investigate behavioral detection approaches. These should trigger alerts when high volumes of traffic are directed toward such platforms from unexpected internal sources. Similarly, if an endpoint attempts to communicate with an AI automation platform’s domain (e.g., “n8n.cloud”) that is not part of the organization’s authorized workflow, it should trigger an immediate alert.
Collaborative intelligence sharing is another effective approach to countering malicious email campaigns. Security teams should prioritize sharing indicators of compromise (IOCs) — such as specific webhook URL structures, malicious file hashes, and command and control (C2) domains — with platforms like Cisco Talos Intelligence.
Last but not least, safeguarding against these complex threats necessitates a comprehensive email security solution that utilizes AI-driven detection. Secure Email Threat Defense employs distinctive deep learning and machine learning models, incorporating Natural Language Processing, within its sophisticated threat detection systems. It detects harmful techniques employed in attacks against your organization, extracts unmatched context for particular business risks, offers searchable threat data, and classifies threats to identify which sectors of your organization are most at risk of attack. You can register now for a free trial of Email Threat Defense.
IOCs for this threat also available on our GitHub repository here.
93a09e54e607930dfc068fcbc7ea2c2ea776c504aa20a8ca12100a28cfdcc75a 7f30259d72eb7432b2454c07be83365ecfa835188185b35b30d11654aadf86a0 hxxps[://]onedrivedownload[.]zoholandingpage[.]com/my-workspace/DownloadedOneDrive hxxps[://]majormetalcsorp[.]com/Openfolder hxxps[://]pagepoinnc[.]app[.]n8n[.]cloud/webhook/downloading-1a92cb4f-cff3-449d-8bdd-ec439b4b3496 hxxps[://]monicasue[.]app[.]n8n[.]cloud/webhook/download-file-92684bb4-ee1d-4806-a264-50bfeb750dab
Cisco Talos Blog – Read More
Companies on the front lines of AI adoption are also hiring and laying off more employees on average than those that aren’t, Gallup found.
Latest news – Read More
Active HanGhost Loader campaign targets enterprise payment and logistics workflows with fileless attacks, multi-stage execution, and stealthy malware delivery.
Hackread – Cybersecurity News, Data Breaches, AI and More – Read More
Microsoft on Tuesday released updates to address a record 169 security flaws across its product portfolio, including one vulnerability that has been actively exploited in the wild.
Of these 169 vulnerabilities, 157 are rated Important, eight are rated Critical, three are rated Moderate, and one is rated Low in severity. Ninety-three of the flaws are
The Hacker News – Read More
OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that’s specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos.
“The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems
The Hacker News – Read More