CVE-2025-68136 & CVE-2025-68141: Critical EVerest Flaws Allow Crafted Network Traffic to Crash EV Charging Services Vulnerabilities AegironJanuary 23, 2026January 23, 20269 mins0 Product Overview Product Name: EVerest (everest-core)Product Type: Open-source EV charging (EVSE) software frameworkUsage: Deployed in electric vehicle…continue reading..
CVE-2021-47867: SYSTEM Privilege Escalation via Unquoted Service Path in WIN-PAK PRO ScheduleService CyberSecurity News AegironJanuary 23, 2026January 23, 20268 mins0 Description of the Vulnerability An unquoted service path vulnerability exists in the ScheduleService component of WIN-PAK PRO…continue reading..
Microsoft Urges Windows 11 Users to Uninstall Faulty Update After Widespread Bug Reports CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20269 mins0 Microsoft is now publicly urging millions of Windows 11 users to remove a freshly released security update…continue reading..
Google to Pay $8.25 Million Settlement Over Child Data Tracking on the Play Store CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20265 mins0 In a significant privacy-related legal development, Google has agreed to pay $8.25 million to settle a class-action…continue reading..
Watering-Hole Cyberattack Compromises EmEditor Users via Tampered Installer CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20267 mins0 In late January 2026, cybersecurity researchers at Trend Micro revealed a sophisticated watering-hole attack that targeted users…continue reading..
Malicious npm Package Update Compromises Developer Systems in eslint-config-prettier Supply Chain Attack CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20267 mins0 CVE-2025-54313 is a supply chain compromise affecting the popular npm package eslint-config-prettier. Unlike traditional vulnerabilities caused by…continue reading..
Critical Vite Flaw Exposes Development Servers: CVE-2025-31125 Allows Remote File Access Without Authentication CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20267 mins0 CVE-2025-31125 is a security vulnerability that affects Vite, a widely used frontend development and build tool for…continue reading..
Critical authentication bypass vulnerability in Versa Networks Versa Concerto allows an unauthenticated remote access CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20266 mins0 CVE-2025-34026 is a critical authentication bypass vulnerability in Versa Networks Versa Concerto, the SD-WAN orchestration and management…continue reading..
Critical Zimbra Vulnerability Exposes Mail Servers to Remote File Disclosure Attacks CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20267 mins0 CVE-2025-68645 is a high-severity Local File Inclusion (LFI) vulnerability affecting Zimbra Collaboration Suite (ZCS) in the Classic…continue reading..
Attackers Chain Excessive Windows LOLBins to Stealthily Deploy Dual RAT Payloads CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 202611 mins0 In late January 2026, researchers uncovered an unusual malware infection attempt that didn’t stand out for advanced…continue reading..
