Australia Warned: Critical Infrastructure Exposed to Emerging Drone-Enabled Cyber Threats CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20265 mins0 New research from the University of Canberra and Innovation Central Canberra (ICC), supported by defence tech partner…continue reading..
Critical XSS Vulnerability Discovered in Movary Allows Attackers to Execute Malicious Scripts via Crafted Links CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20266 mins0 CVE-2026-23841 is a reflected cross-site scripting (XSS) vulnerability affecting Movary versions prior to 0.70.0.The issue arises from…continue reading..
MyTube Flaw Allows Anyone to Access Protected Settings Without Authentication CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20269 mins0 CVE-2026-23837 is a critical authorization bypass vulnerability affecting the MyTube application in versions prior to 1.7.66. The…continue reading..
UK Government Warns of Ongoing Cyber Disruption as Pro-Russian Hacktivists Target Public Services CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20264 mins0 The UK government has issued a renewed cybersecurity warning highlighting ongoing attacks by Russian-aligned hacktivist groups against…continue reading..
Critical Apache bRPC Flaw Exposes Servers to Unauthenticated Remote Command Execution (CVE-2025-60021) CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20266 mins0 CVE-2025-60021 is a critical remote command injection vulnerability in Apache bRPC, a high-performance RPC framework commonly used…continue reading..
Researchers Reveal Prompt Injection Bug in Google Gemini via Calendar Invites CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20266 mins0 In the recent “Weaponizing Calendar Invites” analysis, researchers demonstrated a semantic attack against Google Gemini where what…continue reading..
Critical Cloudflare Zero-Day Vulnerability in ACME Challenge Handling Enables Complete WAF Bypass and Unauthorized Origin Host Access CyberSecurity News CyberDefenderJanuary 20, 2026January 20, 20269 mins0 A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) was discovered that allowed attackers to bypass…continue reading..
CVE-2026-23722: Critical Reflected XSS Enables Silent Browser-Side Takeover in WeGIA CyberSecurity News AegironJanuary 19, 2026January 19, 20268 mins0 Executive Summary CVE-2026-23722 is a critical reflected XSS vulnerability in the WeGIA web application.The issue occurs because…continue reading..
CVE-2012-10064: Legacy WordPress Plugin Bug Enabling Silent Remote Code Execution CyberSecurity News AegironJanuary 19, 2026January 19, 20268 mins0 Vulnerability Overview CVE ID: CVE-2012-10064Affected Component: Omni Secure Files WordPress PluginAffected Versions: ≤ 0.1.13Attack Type: Remote, UnauthenticatedImpact:…continue reading..
Critical Stored XSS Vulnerability (CVE-2026-1181) Discovered in Altium Forum, Exposing Users to Account Takeover and Data Theft CyberSecurity News CyberDefenderJanuary 19, 2026January 19, 20268 mins0 CVE-2026-1181 is a stored (persistent) cross-site scripting vulnerability affecting the Altium Forum platform. The issue exists due…continue reading..
