Imperva Threat Research

N8N: Shared Credentials and Account Takeover

AndyC 4 March 2026

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s...

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

AndyC 27 January 2026

What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy...

This month in security with Tony Anscombe – February 2026 edition

AndyC 1 March 2026

In this roundup, Tony looks at how opportunistic threat actors are taking advantage of weak authentication, unmanaged exposure, and popular AI tools 28 Feb 2026...

Mobile app permissions (still) matter more than you may think

AndyC 28 February 2026

Mobile Security Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious...

Faking it on the phone: How to tell if a voice call is AI or not

AndyC 24 February 2026

Can you believe your ears? Increasingly, the answer is no. Here’s what’s at stake for your business, and how to beat the deepfakers. Phil Muncaster...

PromptSpy ushers in the era of Android threats using GenAI

AndyC 20 February 2026

ESET researchers uncovered the first known case of Android malware abusing generative AI for context-aware user interface manipulation. While machine learning has been used to...

Is Poshmark safe? How to buy and sell without getting scammed

AndyC 20 February 2026

Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can...

Is it OK to let your children post selfies online?

AndyC 18 February 2026

Kids Online When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech....