CVE-2026-0775: npm CLI Bug Turns Developer Machines Into Privilege Escalation Targets Vulnerabilities AegironJanuary 25, 2026January 25, 202610 mins0 CVE-2026-0775 — npm CLI Local Privilege Escalation CVE ID: CVE-2026-0775Affected component: npm CLIVulnerability class: Local Privilege Escalation…continue reading..
Gitea Under Threat: Critical Authorization Flaws Lead to Destructive and Org-Wide Attacks Vulnerabilities AegironJanuary 25, 2026January 25, 20267 mins0 Product Overview Product: GiteaCategory: Self-hosted Git repository management platformTypical Users: Enterprises, DevOps teams, open-source maintainersCore Risk Area:…continue reading..
Hackers Exploit ‘rn’ Typo Trick to Impersonate Microsoft and Marriott in Sophisticated Phishing Campaign CyberSecurity News CyberDefenderJanuary 25, 2026January 25, 20264 mins0 Cybercriminals are exploiting a visual typo trick known in cybersecurity as typosquatting or a homoglyph attack —…continue reading..
North Korea–Linked KONNI Group Targets Developers With AI-Generated Malware, Researchers Warn CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 202614 mins0 In a significant escalation of cybercrime tactics, the North Korea–linked threat actor KONNI has shifted its sights…continue reading..
CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog, Urges Immediate Patching CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 20267 mins0 CVE-2024-37079, a critical vulnerability affecting VMware vCenter Server, has been added to the Known Exploited Vulnerabilities (KEV)…continue reading..
Microsoft Teams to Automatically Detect Work Location Using Corporate Wi-Fi CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 20264 mins0 Microsoft is introducing a significant update to Microsoft Teams that aims to simplify how hybrid workers communicate…continue reading..
North Korea–Linked Malware Campaign Targets South Korean Users via Malicious LNK Files CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 202610 mins0 In January 2026, It was identified a malicious LNK file that executed malware linked to attack campaigns…continue reading..
MacSync Malware Campaign Hijacks macOS Trust Model to Steal Crypto Wallets via Script-Driven Attacks CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 20268 mins0 MacSync is a stealthy macOS information stealer designed to harvest sensitive credentials, browser data, and most notably,…continue reading..
Hackers Exploit Fake CAPTCHAs and Blockchain Smart Contracts in New “EtherHiding” Malware Campaign CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 202611 mins0 In the constantly evolving world of cybersecurity, attackers are adopting increasingly sophisticated techniques that blend social engineering,…continue reading..
Hackers earned $1,047,000 for uncovering 76 zero-day vulnerabilities in automotive systems CyberSecurity News CyberDefenderJanuary 24, 2026January 24, 20262 mins0 Prize Breakdown & Winners Notable Exploits & Targets What Happens Next Why It Matterscontinue reading..
