Author: user
A newly developed sodium-ion (Na-ion) battery has the potential to charge much faster, have higher energy density and be safer than traditional lithium-ion (Li-ion) batteries, scientists say.Researchers at Tokyo University of Science have used a new carbon-based electrolyte to improve the energy density and charging speed of sodium ions using sodium-ion batteries, an alternative to the lithium-ion batteries used in most of today’s devices.Scientists have been exploring Na-ion batteries as an alternative to Li-ion batteries because of their improved stability and lower cost, but several bottlenecks and limitations have hindered the technology’s progress. you may like All batteries contain an…
Ravi LakshmananJanuary 28, 2026Vulnerability/Workflow Automation Cybersecurity researchers have uncovered two new security flaws in the n8n workflow automation platform, including a critical vulnerability that could allow remote code execution. The vulnerabilities discovered by the JFrog Security Research team are as follows: CVE-2026-1470 (CVSS Score: 9.9) – eval injection vulnerability that allows an authenticated user to bypass the Expression sandbox mechanism and achieve full remote code execution on n8n’s main node by passing specially crafted JavaScript code CVE-2026-0863 (CVSS Score: 8.5) – An authenticated user may be able to bypass the Expression sandbox mechanism and achieve full remote code execution on…
If you work in security operations, you’ll be familiar with the concept of an AI SOC agent. Early stories promised complete autonomy. Vendors have seized on the idea of “autonomous SOCs” and proposed a future where algorithms replace analysts. That future has not yet arrived. We have never seen mass layoffs or empty security operations centers. Instead, we witnessed the emergence of a practical reality. Introducing AI into the SOC does not eliminate the human element. Instead, how they spend their time has been redefined. We now understand that the value of AI is not in replacing operators. It’s about…
Ravi LakshmananJanuary 28, 2026Vulnerabilities / Open Source A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system. This vulnerability is tracked as CVE-2026-22709 and has a CVSS score of 9.8 out of 10.0 in the CVSS scoring system. “As of version 3.10.0 of VM2, you can bypass sanitization of the Promise.prototype.then Promise.prototype.catch callback,” said VM2 maintainer Patrik Simek. “This allows an attacker to escape the sandbox and execute arbitrary code.” vm2 is a Node.js library used to run untrusted code…
In the 2025 cyber espionage attack, Chinese-linked threat actors were observed using the latest version of a backdoor called COOLCLIENT to facilitate comprehensive data theft from infected endpoints. The activity was attributed to Mustang Panda (also known as Earth Preta, Fireant, HoneyMyte, Polaris, and Twill Typhoon), and the intrusions were primarily targeted at government agencies across the campaign across Myanmar, Mongolia, Malaysia, and Russia. Revealing details of the updated malware, Kaspersky said it is being deployed as a secondary backdoor along with PlugX and LuminousMoth infections. “COOLCLIENT was typically delivered with an encrypted loader file containing encrypted configuration data, shellcode,…
Patient: 34-year-old male living in MexicoSymptoms: Within seconds of drinking a “smoky” alcoholic beverage at a bar, a man felt severe pain in his stomach.What happened next: The man was admitted to the emergency room. In addition to abdominal pain, he was sweating profusely and feeling tired. His vital signs were a cause for concern. His heart rate was abnormally fast, at 124 beats per minute, compared to a normal resting heart rate of 60 to 100 bpm. His breathing was faster than normal, his blood pressure was low, and his body temperature had dropped to 95.7 degrees Fahrenheit (35.4…
When security teams discuss credential-related risks, they typically focus on threats like phishing, malware, and ransomware. These attack techniques continue to evolve and are gaining the attention they deserve. However, one of the most persistent and underappreciated risks to organizational security remains far more common. Reusing nearly identical passwords continues to bypass security controls and often goes unnoticed, even in environments with established password policies. Why password reuse persists despite strong policies Most organizations understand that using the exact same password on multiple systems poses a risk. Security policies, regulatory frameworks, and user awareness training consistently discourage this behavior, and…
From street-level measurements to long-term health studies, researchers are building a clearer picture of how daily exposure to 5G signals affects human health. As 5G antennas increase across Europe, delivering faster downloads, better connectivity, and more reliable streaming, public concern about the potential health effects is also growing. To address these concerns, EU-funded researchers are investigating what everyday exposure to radio-frequency electromagnetic fields (RF-EMF) from 5G actually looks like and what it means for our health. Their findings so far are encouraging. Measuring exposure in real life One of the scientists leading the study is Professor Monica Guxens, a physician…
February’s Snow Moon, the second full moon of 2026, will rise with one of the most beautiful open star clusters in the night sky on Sunday (February 1).The moon will officially be full on February 1st at 5:09pm EST, and will be best visible in your location during moonrise at dusk. It is located in the constellation Leo, hanging below the Honeycomb star cluster. On February 2nd, the moon will be bright and appear full.The best way to see the full moon rise is to find an elevated or open area with a clear view of the eastern horizon. The…
Ravi LakshmananJanuary 28, 2026Vulnerability/Threat Intelligence Google revealed on Tuesday that multiple threat actors, including state adversaries and financially motivated groups, are exploiting critical patched security flaws in RARLAB WinRAR to gain initial access and deploy various payloads. “Although discovered and patched in July 2025, government-sponsored and financially motivated actors associated with Russia and China continue to exploit this n-day across disparate operations,” Google Threat Intelligence Group (GTIG) said in a statement. “The consistent exploit method, a path traversal flaw that allows files to be dropped into the Windows startup folder for persistence, highlights defense gaps in basic application security and…