OWASP ZAP Introduces New PTK Add-On, Bringing Browser-Based Security Testing Into One Unified Workflow CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20268 mins0 The Zed Attack Proxy (ZAP), a popular open-source security testing tool, now includes native support for the…continue reading..
Curl Ends Bug Bounty Program After Surge of AI-Generated Vulnerability Reports CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20266 mins0 The curl project, a cornerstone of modern internet infrastructure, has announced that it will end its bug…continue reading..
Critical SmarterMail Vulnerability Under Active Attack, Admin Accounts Compromised CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20266 mins0 A critical security vulnerability has been discovered in SmarterTools’ SmarterMail email server software, and it is currently…continue reading..
Okta Warns of Vishing-Driven Attacks Targeting SSO Accounts CyberSecurity News CyberDefenderJanuary 23, 2026January 23, 20269 mins0 Okta has publicly warned organizations about a growing wave of attacks that combine voice phishing (vishing) with…continue reading..
When Search Becomes the Attack Vector: APT37’s Abuse of Google Ads for Silent Espionage Cyber Threat Intelligence AegironJanuary 22, 2026January 22, 202613 mins0 Incident Overview APT37 (also known as Reaper) is a threat group linked to North Korea that has…continue reading..
Happy Ransomware: A Silent MedusaLocker Variant Actively Crippling Enterprise Networks Cyber Threat Intelligence AegironJanuary 22, 2026January 22, 20269 mins0 Happy Ransomware (MedusaLocker family – Enterprise-targeted ransomware)Discovery timeframe: January 2026Target profile: Medium to large enterprise networksImpact type:…continue reading..
Osiris Ransomware: How a Trusted Driver Was Turned Into a Weapon to Kill Security and Encrypt Enterprises Cyber Threat Intelligence AegironJanuary 22, 202610 mins0 Osiris Ransomware – BYOVD-Based Attack Using POORTRY Driver Initial Discovery: January 22Attack Type: Ransomware with Security Bypass…continue reading..
Critical Alert: Crafted AI Model Files Can Crash Ollama Services Remotely Vulnerabilities AegironJanuary 22, 2026January 22, 202610 mins0 Product context Product: OllamaFunction: Local and server-based runtime for large language modelsPrimary Use Case: Model creation, import,…continue reading..
CVE-2026-22598: ManageIQ API Input Flaw Triggers Platform-Wide Denial of Service Vulnerabilities AegironJanuary 22, 2026January 22, 20269 mins0 CVE ID: CVE-2026-22598Affected Product: ManageIQVulnerability Type: Denial of Service (DoS) via improper input validationSeverity: HighCVSS Score: 7.1Attack…continue reading..
Critical Node.js Vulnerabilities Expose File Systems, Secrets, and Service Availability Vulnerabilities AegironJanuary 22, 2026January 22, 20268 mins0 Product Details Product Name: Node.jsProduct Type: Server-side JavaScript runtimeAffected Components: Core runtime engine, filesystem access layer, memory…continue reading..
