⚡ Weekly Recap: AI Automation Exploits, Telecom Espionage, Prompt Poaching & More

This week's security landscape revealed a critical pattern: minor configuration oversights in trusted tools can create catastrophic attack surfaces. From workflow automation platforms to residential proxy networks, attackers exploited gaps that should have been closed through basic security hygiene.

Maximum Severity Flaw in n8n Workflow Automation

A critical vulnerability (CVE‑2026‑21858) in the n8n workflow automation platform exposes unauthenticated remote code execution risks. Dubbed Ni8mare, this CVSS 10.0 flaw affects self-hosted instances prior to version 1.121.0.

Technical Analysis:

• Exploits improper handling of form-based workflows with file operations
• Allows crafted requests to bypass multipart/form-data validation
• Enables arbitrary file access and command execution

Security firm Field Effect warns: "The impact extends to any organization using n8n to automate workflows that interact with sensitive systems. The worst-case scenario involves full system compromise."

Despite affecting 59,500 exposed hosts, Horizon3.ai notes exploitation requires specific preconditions:

1. Publicly accessible form workflows without authentication
2. Mechanism to retrieve local files from n8n server

Kimwolf Botnet Infects 2M Android Devices

This Android botnet variant achieved massive scale through residential proxy network exploitation:

Infection Vector:

• Targets devices with exposed Android Debug Bridge (ADB) ports (5555, 5858)
• Leverages proxy providers permitting local network access
• Delivers payloads via netcat/telnet piping

Synthient observed 2 million infections since November 2025, highlighting the risks of developer interfaces exposed to internal networks.

Emerging Threats: Prompt Poaching & AI Workflow Risks

Two Chrome extensions with 900,000 combined installs were caught exfiltrating AI conversations:

• Chat GPT for Chrome with GPT-5
• AI Sidebar with DeepSeek

This Prompt Poaching technique steals proprietary AI interactions and sensitive data. The incident underscores new risks in AI-integrated workflows where:

1. Browser extensions request excessive permissions
2. Sensitive business logic is processed through AI interfaces
3. Conversation histories aren't properly segmented

Critical Vulnerabilities Requiring Immediate Action

This week's most pressing CVEs include:

CVE ID	Affected Product	Risk
CVE-2026-21858	n8n <1.121.0	RCE (CVSS 10.0)
CVE-2025-69258	Trend Micro Apex Central	Auth Bypass
CVE-2026-0628	Google Chrome	Memory Corruption
CVE-2025-9222	GitLab CE/EE	Privilege Escalation

Patch Priority:

1. n8n instances should be upgraded immediately
2. Chrome users must update to version 121.0.6167.160+
3. GitLab installations require 16.7.2 security release

Defense Strategies for Security Teams

1. Automation Platform Hardening:

   • Isolate workflow automation tools in segmented networks
   • Implement strict authentication for all API endpoints
   • Audit file handling functions in custom workflows

2. Mobile Device Protection:

   • Disable ADB network access in production devices
   • Monitor for suspicious proxy network traffic patterns
   • Implement zero-trust device-to-service communication

3. AI Conversation Security:

   • Restrict browser extensions in corporate environments
   • Implement DLP solutions monitoring AI platform outputs
   • Segment AI usage based on data sensitivity levels

The week's incidents demonstrate that foundational security practices remain critical even as attack surfaces evolve. As Tenable CSO Bob Huber notes: "We're seeing threat actors achieve maximum impact through minimum novelty - their success comes from exploiting basic gaps that persist due to operational complexity."

Key Takeaway: Regular configuration audits and strict access controls for administrative interfaces prevent the majority of these high-impact breaches before attackers can weaponize vulnerabilities.