New Ransomware Group “BravoX” Goes Live, Launches Affiliate-Driven Extortion Campaign Cyber Threat Intelligence AegironJanuary 26, 2026January 26, 20268 mins0 BravoX Ransomware-as-a-Service (RaaS) Initial Public Operations Observed: January 26 Executive Summary BravoX is a newly operational ransomware…continue reading..
CVE-2026-0994: Google Protobuf Flaw Enables Remote Denial-of-Service Attacks Vulnerabilities AegironJanuary 26, 2026January 26, 202613 mins0 CVE-2026-0994 — Google Protobuf JSON Any Parsing DoS (Python) CVE Name: Recursive JSON Any Parsing Denial-of-ServiceCVE ID:…continue reading..
CVE-2026-24128: Critical XWiki XSS Flaw Enables One-Click Administrator Takeover Vulnerabilities AegironJanuary 26, 2026January 26, 20268 mins0 Vulnerability Summary A reflected cross-site scripting vulnerability exists in XWiki where user-supplied input is incorporated into server…continue reading..
North Korea–Linked Lazarus Group Launches Cyber Espionage Campaign Against European Drone Manufacturers CyberSecurity News CyberDefenderJanuary 26, 2026January 26, 20264 mins0 The Lazarus Group — also known in cybersecurity communities as Hidden Cobra — is a highly capable,…continue reading..
Critical Flaws Uncovered in Salesforce Marketing Cloud: Encryption Failures and Remote Command Risks Exposed CyberSecurity News AegironJanuary 26, 2026January 26, 20268 mins0 Product Overview Product: Salesforce Marketing CloudComponent Affected: Web Service APIs, internal cryptographic handling, and request processing layerDeployment…continue reading..
New Stanley Malware Toolkit Exploits Browser Extensions to Steal Credentials CyberSecurity News CyberDefenderJanuary 26, 2026January 26, 20265 mins0 Cybercriminals are increasingly finding creative ways to exploit everyday tools, and browser extensions have become one of…continue reading..
Cyber Espionage Alert: China-Linked SyncFuture Malware Deployed in Targeted Campaign Against India CyberSecurity News CyberDefenderJanuary 26, 2026January 26, 20264 mins0 A sophisticated cyber-espionage operation, now known as the SyncFuture campaign, has been uncovered by the eSentire Threat…continue reading..
Hackers Exploit Trusted Cloud Platforms as Vercel-Hosted Phishing Campaign Evolves with Telegram-Based Command Control CyberSecurity News CyberDefenderJanuary 26, 2026January 26, 20267 mins0 In a troubling development for enterprise cybersecurity, threat actors have enhanced a sophisticated phishing campaign that leverages…continue reading..
CVE-2024-37079: Critical VMware vCenter RCE Vulnerability Added to CISA KEV Catalog Vulnerabilities AegironJanuary 26, 2026January 26, 202610 mins0 Broadcom VMware vCenter Server – DCERPC Out-of-Bounds Write Vulnerability Vulnerability Overview Technical Description CVE-2024-37079 is a memory…continue reading..
Apache Hadoop Flaw Exposes Native HDFS Clients to Memory Corruption and Denial-of-Service Risk (CVE-2025-27821) CyberSecurity News CyberDefenderJanuary 26, 2026January 26, 20267 mins0 CVE-2025-27821 is a memory-safety vulnerability affecting the native HDFS client used by Apache Hadoop.The flaw exists in…continue reading..
