High-Risk Flaws Discovered in AnythingLLM: Remote Code Execution and API Key Exposure Leave Systems Fully Exposed Vulnerabilities AegironJanuary 31, 2026January 31, 202610 mins0 Product Details Product: AnythingLLMProduct Category: Self-hosted AI / LLM orchestration platformDeployment Models: On-premise, containerized, cloud-hostedAffected Versions: All…continue reading..
CVE-2026-24479: Critical Zip-Slip Flaw in HUSTOJ Enables Remote Code Execution via Malicious ZIP Uploads Vulnerabilities AegironJanuary 31, 2026January 31, 202612 mins0 CVE-2026-24479 What the vulnerability is This vulnerability exists because the software accepts a ZIP file from a…continue reading..
Critical Suricata Vulnerabilities Expose IDS Engines to Remote Crashes and Memory Exhaustion Attacks Vulnerabilities AegironJanuary 31, 2026January 31, 202612 mins0 Product Details (At a Glance) CVE Summary Table CVE ID CVSS Score Severity Vulnerability Type Exploitability Exploit…continue reading..
Former Google Engineer Convicted in U.S. of Stealing AI Trade Secrets for China CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 20263 mins0 A U.S. federal jury in San Francisco has convicted Linwei Ding (also known as Leon Ding), a…continue reading..
Arsink RAT Spyware Masquerading as WhatsApp, YouTube, and TikTok Infects Thousands of Android Devices Worldwide CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 20264 mins0 Arsink is a Remote Access Trojan (RAT) targeting Android devices. Once it infects a phone, it gives…continue reading..
CVE-2025-68670: Critical xrdp Flaw Allows Pre-Auth Remote Code Execution on Linux Systems Vulnerabilities AegironJanuary 31, 2026January 31, 202611 mins0 CVE-2025-68670 — xrdp Stack Buffer Overflow → Remote Code Execution CVE ID: CVE-2025-68670Severity: CriticalCVSS v3.1 (Base Score):…continue reading..
CVE-2025-21589: Critical Juniper Session Smart Flaw Enables Unauthenticated Full Admin Takeover Vulnerabilities AegironJanuary 31, 2026January 31, 20268 mins0 CVE-2025-21589 Product: Juniper Session Smart Router (SSR) / Session Smart Conductor / WAN Assurance Managed RouterVulnerability Type:…continue reading..
eScan Antivirus Update Server Compromised in Supply Chain Attack, Malware Distributed to Users CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 20268 mins0 On January 20, a supply chain compromise was identified involving the eScan antivirus product developed by MicroWorld…continue reading..
Trusted Tool Turned Trojan: EmEditor Official Installer Hijacked in Sophisticated Supply-Chain Attack CyberSecurity News CyberDefenderJanuary 31, 2026January 31, 202619 mins0 In late December 2025, a sophisticated software supply chain compromise was discovered affecting EmEditor, a widely-used Windows…continue reading..
CVE-2026-1470: Critical n8n Flaw Allows Workflow Expressions to Trigger Full System Takeover Vulnerabilities AegironJanuary 31, 2026January 31, 20269 mins0 CVE-2026-1470 High-Level Risk Statement A critical weakness exists in the way n8n evaluates user-defined expressions inside workflows.…continue reading..
