CVE-2025-69662: Critical GeoPandas SQL Injection Flaw Exposes PostGIS Databases to Silent Data Theft Vulnerabilities AegironJanuary 31, 2026January 31, 202610 mins0 CVE-2025-69662 Vulnerability Title: SQL Injection in GeoPandas to_postgis() FunctionCVE ID: CVE-2025-69662Affected Component: GeoPandas – to_postgis()Affected Versions: GeoPandas…continue reading..
CVE-2025-62348: Salt Automation at Risk — Unsafe YAML Parsing in Junos Module Opens Door to Code Execution Vulnerabilities AegironJanuary 31, 2026January 31, 202614 mins0 Summary What Is This Vulnerability? This vulnerability exists because the Salt automation framework’s junos execution module loads…continue reading..
CVE-2025-24293: Critical Rails Active Storage Image Flaw Opens Door to Silent Server Takeover Vulnerabilities AegironJanuary 31, 2026January 31, 202614 mins0 CVE-2025-24293 – Ruby on Rails Active Storage Unsafe Image Transformation Vulnerability CVE: CVE-2025-24293Description: Active Storage allowed transformation…continue reading..
iOS Banking Trojan Steals Faces: GoldPickaxe Uses Deepfake Videos to Bypass Mobile App Security Cyber Threat Intelligence AegironJanuary 31, 2026January 31, 202612 mins0 Incident Overview: GoldPickaxe iOS Malware Campaign What happened In late January, a new mobile malware campaign was…continue reading..
Fake KYC Alerts Turn Smartphones into Silent Spies, Government Warns Android Users Cyber Threat Intelligence AegironJanuary 31, 2026January 31, 202610 mins0 Incident Overview: “Twice is Wise” Cyber Awareness Campaign – Social Engineering RAT Malware via Fake KYC Updates…continue reading..
0APT Ransomware Floods Leak Sites in 24 Hours, Overwhelming US Tech and Professional Firms Cyber Threat Intelligence AegironJanuary 31, 2026January 31, 202611 mins0 Ransomware Incident Overview – 0APT Surge What happened On 30 January, the ransomware operation known as 0APT…continue reading..
Microsoft Plans to Disable NTLM by Default in Windows, Marking a Major Shift in Authentication Security CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 20265 mins0 Microsoft has announced a major shift in how Windows handles authentication. After more than 30 years of…continue reading..
ESET Uncovers DynoWiper: Destructive Malware Linked to Sandworm Targets Polish Energy Sector in Failed Cyberattack CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 202610 mins0 In late December 2025, a destructive cyber operation targeted an energy-sector organization in Poland using previously undocumented…continue reading..
Critical OpenSSL Parsing Flaws Expose Systems to Remote Crashes and Potential Code Execution Vulnerabilities AegironJanuary 31, 2026January 31, 20268 mins0 Product overview Product: OpenSSLCategory: Cryptographic / TLS / CMS processing libraryExposure context: Any application, service, appliance, or…continue reading..
CVE-2026-24810: Critical RethinkDB JSON Parsing Flaw Opens Door to Unauthenticated Remote Code Execution Vulnerabilities AegironJanuary 31, 2026January 31, 20268 mins0 CVE-2026-24810 Product: RethinkDBAffected versions: ≤ 2.4.4Vulnerability type: Buffer Overflow (JSON parsing)Impact: Remote Code Execution (RCE)Severity: CriticalCVSS score:…continue reading..
