Cyber Security News, MITRE ATT&CK Tactics & Techniques, Vulnerabilities Management, Cyber Kill Chain, Ransomware Attacks, CyberSecurity Alerts & Threat Advisories, IT Security, End Point Security, Security Updates

ShinyHunters Claims Responsibility for Major SSO Credential Theft Campaign

CyberSecurity News

CyberDefenderJanuary 24, 2026January 24, 20267 mins0

A notorious cybercriminal group calling itself ShinyHunters has publicly stated that it is behind a wave of…

Russian Hackers Target Poland’s Power Grid in Failed Wiper Malware Attack

CyberSecurity News

CyberDefenderJanuary 24, 2026January 24, 20265 mins0

In late December 2025, Poland’s critical energy infrastructure narrowly escaped a crippling cyberattack that targeted its power…

Microsoft Shared BitLocker Encryption Keys With FBI in Guam Pandemic Fraud Investigation

CyberSecurity News

CyberDefenderJanuary 24, 2026January 24, 20266 mins0

Microsoft has confirmed that it provided the Federal Bureau of Investigation with BitLocker recovery keys that allowed…

Microsoft Warns of Sophisticated Multi-Stage AiTM Phishing and BEC Campaign Exploiting SharePoint to Breach Multiple Organizations

CyberSecurity News

CyberDefenderJanuary 24, 2026January 24, 20267 mins0

The threat actors behind this campaign targeted multiple organizations primarily in the energy sector, starting with phishing…

Microsoft’s WinAppCli: A Unified CLI for Windows App Development

CyberSecurity News

CyberDefenderJanuary 24, 2026January 24, 20266 mins0

In early 2026, Microsoft introduced WinAppCli, an open-source command-line interface aimed at simplifying the process of building,…

Unsecured Database Leaks 149 Million User Credentials Across Major Platforms

CyberSecurity News

AegironJanuary 24, 2026January 24, 20264 mins0

A huge database of login credentials — nearly 149 million usernames and passwords — was found publicly…

CVE-2025-53967: Unauthenticated Command Injection Leading to Full Remote Code Execution in Framelink Figma MCP Server

Vulnerabilities

AegironJanuary 23, 2026January 23, 20268 mins0

Vulnerability Overview Executive Summary A high-severity command injection vulnerability exists in the Framelink Figma MCP Server. Due…

CVE-2026-0756: Unauthenticated Remote Code Execution via Command Injection in github-kanban-mcp-server

Vulnerabilities

AegironJanuary 23, 2026January 23, 20269 mins0

Vulnerability Summary CVE ID: CVE-2026-0756Component: github-kanban-mcp-server (@sunwood-ai-labs/github-kanban-mcp-server)Vulnerability Type: OS Command InjectionAttack Class: Unauthenticated Remote Code ExecutionSeverity: CriticalCVSS…

CVE-2026-0764: Critical Unauthenticated Deserialization RCE in GPT Academic Leading to Root-Level System Compromise

Vulnerabilities

AegironJanuary 23, 2026January 23, 202610 mins0

Top-Level Summary Vulnerability Background This issue arises because the GPT Academic application accepts serialized data uploaded by…

CVE-2026-0768: Unauthenticated Langflow RCE Enables Full Server Takeover

Vulnerabilities

AegironJanuary 23, 2026January 23, 20269 mins0

CVE-2026-0768 – Langflow Unauthenticated Remote Code Execution CVE ID: CVE-2026-0768Product: LangflowVulnerability Type: Unauthenticated Remote Code Execution (RCE)Severity:…