Daily Security Briefing #155
- DjediTech
- Security , Newsletter
- February 4, 2026
Table of Contents
February 4, 2026 | Read Online
Search ad phishing, Critical unencrypted data, Evolving Android malware and more…
Executive Summary
Today marks a concerning day in cybersecurity with multiple vulnerabilities disclosed across various platforms. A critical flaw in n8n’s workflow automation platform has been exposed along with public exploits, while TP-Link routers have been found to be vulnerable to authenticated command injection attacks. Meanwhile, hackers are actively scanning Citrix NetScaler infrastructure for exposed login panels and a new stealthy malware campaign dubbed DEAD#VAX has come to light.
Top Articles
Critical n8n Flaws Disclosed Along with Public Exploits
Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of the environment and taking complete control of the host server. […]
Hackers Actively Scan Citrix NetScaler Infrastructure to Identify Exposed Login Panels
A coordinated global reconnaissance campaign has been observed targeting Citrix ADC (NetScaler) Gateway infrastructure, with attackers launching a massive scan aimed at discovering authentication panels and enumerating software versions.
Multiple TP-Link OS Command Injection Flaws Allow Attackers to Gain Admin Control
TP-Link has released a critical security advisory addressing multiple authenticated command injection vulnerabilities affecting its popular Archer BE230 Wi-Fi 7 router (v1.2). The flaws, collectively tracked under several CVE identifiers, could allow an authenticated attacker to execute arbitrary system commands and gain full administrative control over the device.
TP-Link Vulnerabilities Let Hackers Take Full Control of Devices
Security researchers jro, caprinuxx, and sunshinefactory discovered nine distinct vulnerabilities tracked under separate CVE identifiers in TP-Link’s Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected devices.
MomentProof Deploys Patented Digital Asset Protection
MomentProof, Inc., a provider of AI-resilient digital asset certification and verification technology, announced the successful deployment of MomentProof Enterprise for AXA, enabling cryptographically authentic, tamper-proof digital assets for insurance claims processing.
Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact
In a celebration of innovation, Kelly Hiscoe has been recognized among the esteemed list of CRN 2026 Channel Chiefs. The honor comes as security teams continue to grapple with expanding attack surfaces and persistent resource constraints.
Celebrating the 2025 Check Point Software EMEA Partner Award Winners
Check Point Software Technologies recognized outstanding partners across the EMEA region who continue to deliver AI-powered, prevention-first cyber security outcomes for customers. The winners were honored during the Check Point EMEA Sales Kickoff event.
Amaranth-Dragon: Targeted Cyber Espionage Campaigns Across Southeast Asia
Check Point Research uncovered highly targeted cyber espionage campaigns aimed at government and law enforcement agencies across the ASEAN region, attributed to Amaranth-Dragon, a threat actor closely linked to APT 41.
Amaranth-Dragon: Weaponizing CVE-2025-8088 for Targeted Espionage in the Southeast Asia
Several campaigns targeting multiple countries in the Southeast Asian region have been identified under the codename “Amaranth-Dragon”, demonstrating a clear focus on government entities across the region.
Checkpoint Research | Checkpoint Research
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
Microsoft announced the development of a lightweight scanner that can detect backdoors in open-weight large language models (LLMs) and improve trust in artificial intelligence (AI) systems.
The Hacker News | The Hacker News
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
A new, stealthy malware campaign dubbed DEAD#VAX employs a mix of “disciplined tradecraft and clever abuse of legitimate system features” to bypass traditional detection mechanisms and deploy the remote access trojan (RAT) known as AsyncRAT.
The Hacker News | The Hacker News
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.