Gate 15
LightNews LightNews
banner
gate15.bsky.social
Gate 15
@gate15.bsky.social
320 followers 950 following 320 posts
Risk Management: Threat Intel & Analysis, Operations, Preparedness & Critical Infrastructure Security/Cybersecurity & Resilience
Posts Replies Media Videos
gate15.bsky.social
Today in the SUN we feature an article from Cyera on Ni8mare, an unauthenticated remote code execution in n8n.

Read more below:
www.cyera.com/research-lab...

#cybersecurity
@andyjabbour.bsky.social
Ni8mare  -  Unauthenticated Remote Code Execution in n8n (CVE-2026-21858) | Cyera Research Labs
Cyera Research Labs has discovered a
www.cyera.com
January 8, 2026 at 3:54 PM
Reposted by Gate 15
bleepingcomputer.com
A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.
Max severity Ni8mare flaw lets hackers hijack n8n servers
A maximum severity vulnerability dubbed "Ni8mare" allows remote, unauthenticated attackers to take control over locally deployed instances of the N8N workflow automation platform.
www.bleepingcomputer.com
January 7, 2026 at 5:41 PM
Reposted by Gate 15
chrisbing.bsky.social
sharing a theory I am researching below

1.) claims of cyber-related effect in Venezuela darkreading.com/cybersecurit...
2.) potential BGP anomaly event fits timeframe x.com/blackorbird/...
3.) leaked snowden doc suggests possible relevant tooling
blog.fox-it.com/2015/04/20/d...
January 7, 2026 at 4:48 PM
Reposted by Gate 15
maggiemcneill.bsky.social
Mad emperor is still mad.
January 8, 2026 at 2:43 AM
Reposted by Gate 15
bleepingcomputer.com
Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges.
Cisco warns of Identity Service Engine flaw with exploit code
Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin privileges.
www.bleepingcomputer.com
January 8, 2026 at 9:13 AM
gate15.bsky.social
Today in the SUN we feature an article from Emsisoft on the state of ransomware in the U.S.

Read more below:
www.emsisoft.com/en/blog/4721...

#cybersecurity
@andyjabbour.bsky.social
The State of Ransomware in the U.S.: Report and Statistics 2025
Despite high-profile law enforcement takedowns and group shutdowns, ransomware victim counts surged in 2025 as the ecosystem fragmented and rapidly adapted. Dive into our annual report to learn more.
www.emsisoft.com
January 7, 2026 at 4:49 PM
gate15.bsky.social
Our latest edition of the Security Sprint is out now! In this episode, Dave and Andy discuss Geo-politics, attacking the Grid, Ransomware, and more! Our podcast is available right now, go check it out!

#cybersecurity
@andyjabbour.bsky.social
gate15.global/weekly-secur...
Weekly Security Sprint EP 140. Kicking off the New Year! Geo-politics, attacking the Grid, Ransomware, and more! | Gate 15
gate15.global
January 7, 2026 at 4:36 PM
Reposted by Gate 15
threatintel.microsoft.com
This vector—which has seen increased visibility and use since May 2025—has enabled credential phishing campaigns tied to phishing-as-a-service (PhaaS) platforms like Tycoon2FA, using lures such as voicemails, shared documents, HR updates, and password resets.
January 6, 2026 at 6:08 PM
Reposted by Gate 15
threatintel.microsoft.com
Phishing actors are abusing complex routing scenarios and misconfigured spoof protections to spoof organizations’ domains and deliver emails that appear internally sent. msft.it/63322tFxIO
Phishing actors exploit complex routing and misconfigurations to spoof domains | Microsoft Security Blog
Threat actors are exploiting complex routing scenarios and misconfigured spoof protections to send spoofed phishing emails, crafted to appear as internally sent messages.
msft.it
January 6, 2026 at 6:03 PM
Reposted by Gate 15
andyjabbour.bsky.social
While we wait for the podcast... today's Gen AI version of the @gate15.bsky.social SUN touches on the new report from @ransomwaresommelier.com & RF on the evolving state of ransomware in 2026. vimeo.com/1151976526/6... This video is shared daily via our GRIP (subscribe from any page on our website)
06 January SUN
This is "06 January SUN" by Gate 15 on Vimeo, the home for high quality videos and the people who love them.
vimeo.com
January 6, 2026 at 7:00 PM
Reposted by Gate 15
andyjabbour.bsky.social
New from @derekbjohnson.bsky.social in @cyberscoop.bsky.social: AI, voting machine conspiracies fill information vacuum around Venezuela operation cyberscoop.com/ai-voting-ma... cc @gate15.bsky.social
AI, voting machine conspiracies fill information vacuum around Venezuela operation
After the U.S. capture of Nicholas Maduro, fake AI-driven media quickly flooded the internet, while Trump allies revived debunked theories of rigged voting machines.
cyberscoop.com
January 6, 2026 at 9:07 PM
Reposted by Gate 15
potato.software
New from @derekbjohnson.bsky.social in @cyberscoop.bsky.social: AI, voting machine conspiracies fill information vacuum around Venezuela operation potatoscoop.com/ai-voting-ma... cc @gate15.bsky.social
January 6, 2026 at 9:07 PM
Reposted by Gate 15
andyjabbour.bsky.social
New Year, New @gate15.bsky.social Weekly Security Sprint! 18 minute race on geopolitics, attacking the grid, ransomware ➕ @dpounder.bsky.social & I talk Venezuela, big topics & new reports from @ransomwaresommelier.com, @kattenbarge.bsky.social & more. gate15.global/weekly-secur... #cybersecurity
Weekly Security Sprint EP 140. Kicking off the New Year! Geo-politics, attacking the Grid, Ransomware, and more! | Gate 15
gate15.global
January 6, 2026 at 9:26 PM
Reposted by Gate 15
craignewmark.bsky.social
"Newmark says he still gets angry about the idea of somebody trying to rip off his customers. “I take it personally, and I think everyone involved in any kind of platform should feel the same way,” he says. “It should piss them off.”"

www.fastcompany.com/91467939/cra...
Craiglist’s founder has some simple rules for not losing your mind—or money—on the internet
Craig Newmark’s ‘Take9’ campaign asks people to pause nine seconds before reacting online.
www.fastcompany.com
January 7, 2026 at 11:24 AM
Reposted by Gate 15
andyjabbour.bsky.social
The State of Ransomware in the U.S.: Report and Statistics 2025 www.emsisoft.com/en/blog/4721... @gate15.bsky.social #cybersecurity #ransomware
January 7, 2026 at 3:04 PM
gate15.bsky.social
Today in the SUN, we feature an article from @theregister.com on the dangers of failing to enforce MFA.

Read more below:
www.theregister.com/2026/01/06/5...

#cybersecurity
@andyjabbour.bsky.social
One criminal stole info from 50 orgs thanks to no MFA
: Crim used infostealer to get cloud credentials
www.theregister.com
January 6, 2026 at 6:09 PM
gate15.bsky.social
Bitdefender released an article on what scares people most about hackers, highlighting financial loss, identity theft, and scams.

Read more below:
www.bitdefender.com/en-us/blog/h...

#cybersecurity
@andyjabbour.bsky.social
What Scares People Most About Hackers? We Asked Netizens
Most people don’t worry much about hackers stealing their photos or reading their emails. What keeps them up at night is far more fundamental.
www.bitdefender.com
January 6, 2026 at 5:16 PM
Reposted by Gate 15
ransomwaresommelier.com
Sedgwick confirms cyber incident affecting its major federal contractor subsidiary

via @jgreig.bsky.social & @therecordmedia.bsky.social
Sedgwick confirms cyber incident affecting its major federal contractor subsidiary
The claims administration company Sedgwick confirmed that a subsidiary that contracts with a handful of sensitive federal agencies is dealing with a cybersecurity incident.
therecord.media
January 5, 2026 at 2:47 PM
Reposted by Gate 15
ecrime.ch
Last week we have observed 103 events across 26 countries and attributed them to 22 ransomwares.
The top targeted country was #UnitedStates and the most targeted sector was #Construction.
The ransomware #Qilin has been busy with 30 new events (29%)!

Learn more: https://ecrime.ch/
January 5, 2026 at 12:52 PM
Reposted by Gate 15
andyjabbour.bsky.social
Good perspective from Jim Langevin in @cyberscoop.bsky.social, including some of what needs to be done to continue to support private-public partnerships. 'Congress — on both sides of the aisle — has the capacity to act.' Will they? cyberscoop.com/us-cyber-def... #cybersecurity @gate15.bsky.social
Time to restore America’s cyberspace security system
America’s cyber defenses are slipping as China, Russia, Iran, and North Korea escalate attacks. Congress must restore CISA leadership, funding, and partnerships.
cyberscoop.com
January 5, 2026 at 7:06 PM
Reposted by Gate 15
andyjabbour.bsky.social
"Because the organizations listed below did not enforce MFA, the attacker walks right in through the front door," the cybersecurity shop said in a Monday report. "No exploits, no cookies – just a password." cc @gate15.bsky.social #cybersecurity Read more: www.infostealers.com/article/doze...
January 6, 2026 at 11:45 AM
Reposted by Gate 15
andyjabbour.bsky.social
CISA posts tips and resources to help secure critical infrastructure: 'Secure Your Business; Protect your business, employees and customers with smart cybersecurity practices. You Can Protect Your Business from Online Threats.' www.cisa.gov/audiences/sm... @gate15.bsky.social youtu.be/vEtXtSdPozs
Kick Off 2026 with Cyber Resolutions: Protect Your Business
YouTube video by CISA
youtu.be
January 6, 2026 at 12:33 PM
Reposted by Gate 15
andyjabbour.bsky.social
New! From @ransomwaresommelier.com: New ransomware tactics to watch out for in 2026. Observations, emerging trends and one BIG BOLD prediction about the #ransomware threat environment in 2026. 👀 Good work, Allan! www.recordedfuture.com/blog/ransomw... @gate15.bsky.social @ecrime.ch #cybersecurity
New ransomware tactics to watch out for in 2026
Ransomware groups made less money in 2025 despite a 47% increase in attacks, driving new tactics: bundled DDoS services, insider recruitment, and gig worker exploitation. Learn the emerging trends def...
www.recordedfuture.com
January 6, 2026 at 12:39 PM
Reposted by Gate 15
andyjabbour.bsky.social
The cost of ransomware... 'According to a financial statement.. Tata Motors, the UK-based carmaker suffered a 25.1% year-on-year decline in retail sales during the third quarter of 2025, with just 79,600 vehicles sold.' www.infosecurity-magazine.com/news/jlr-q3-... @gate15.bsky.social
Jaguar Land Rover's Q3 Sales Crash Amid Cyber-Attack Fallout
JLR’s wholesale sales plunged 43% and retail drops 25% in the third quarter of 2025 following the 2025 cyber-attack
www.infosecurity-magazine.com
January 6, 2026 at 1:47 PM
gate15.bsky.social
Today in the SUN we feature an article from @bleepingcomputer.com.web.brid.gy on over 10K Fortinet firewalls being exposed to an actively exploited 2FA bypass.

Read more below:
www.bleepingcomputer.com/news/securit...

#cybersecurity
@andyjabbour.bsky.social
Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass
Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor authentication (2FA) bypass vulnerability.
www.bleepingcomputer.com
January 5, 2026 at 4:10 PM