Cyber Security News, MITRE ATT&CK Tactics & Techniques, Vulnerabilities Management, Cyber Kill Chain, Ransomware Attacks, CyberSecurity Alerts & Threat Advisories, IT Security, End Point Security, Security Updates

Microsoft Cancels Planned Exchange Online Bulk Email Limit

CyberSecurity News

CyberDefenderJanuary 7, 2026January 7, 20263 mins0

Microsoft has canceled indefinitely its previously planned daily limit on the number of external recipients Exchange Online…

Attackers Abuse Google Cloud Services to Steal Microsoft 365 Credentials

CyberSecurity News

CyberDefenderJanuary 7, 2026January 7, 20264 mins0

Cybersecurity researchers have uncovered an ongoing phishing campaign where threat actors are actively misusing Google Cloud infrastructure…

CVE-2025-13744: Stored XSS in Search & Filter Views Enables Session Hijack and Admin Compromise

Vulnerabilities

AegironJanuary 7, 2026January 7, 20269 mins0

CVE-2025-13744 Vulnerability Type: Cross-Site Scripting (XSS)Category: Web Application – Stored XSSCVSS Score: 8.4Severity: HighAttack Vector: NetworkAttack Complexity:…

CVE-2025-47388: Qualcomm DSP Memory Corruption Exposes Android Devices to Kernel Crash and Privilege Escalation

Vulnerabilities

AegironJanuary 7, 2026January 7, 20268 mins0

Executive Summary What This Vulnerability Is CVE-2025-47388 is a memory corruption flaw in Qualcomm’s DSP service, a…

CVE-2025-15471: Critical Unauthenticated OS Command Injection in TRENDnet TEW-713RE Router

Vulnerabilities

AegironJanuary 7, 2026January 7, 202615 mins0

Executive summary There’s an OS command-injection flaw in the TEW-713RE web management stack. An attacker who can…

CVE-2025-30996: Critical WordPress Theme Flaw Enables Instant Web-Shell Takeover

Vulnerabilities

AegironJanuary 7, 2026January 7, 20266 mins0

Severity: CriticalCVSS: ~9.8Impact: Full site takeoverExploitability: High (authenticated attacker)Attack Outcome: Remote code execution via web shell What’s…

CVE-2025-14942: Silent SSH Handshake Flaw Exposes Credentials in wolfSSH

Vulnerabilities

AegironJanuary 7, 2026January 7, 20269 mins0

Product: wolfSSH (by wolfSSL)Vulnerability Type: Credential Disclosure / Authentication Logic FlawSeverity: CRITICALCVSS v3.x Score: 9.4 (Critical)Attack Vector:…

CVE-2025-60534: When Trust Replaces Authentication in Blue Access Cobalt

Vulnerabilities

AegironJanuary 7, 2026January 7, 20269 mins0

CVE ID: CVE-2025-60534Product: Blue Access – CobaltVulnerability Type: Authentication BypassSeverity: CriticalCVSS (estimated): 9.8Attack Vector: Remote, unauthenticatedPrivileges Required:…

CVE-2025-60262: Unauthenticated Root Takeover via FTP on H3C Wireless Controllers

Vulnerabilities

AegironJanuary 7, 2026January 7, 20267 mins0

Vulnerability Type: Authentication Bypass / Privilege EscalationAffected Component: FTP service (vsftpd) on H3C Wireless ControllersSeverity: CriticalCVSS v3.1…

Phishing from the Inside: Microsoft Warns of Email Routing Risks

CyberSecurity News

CyberDefenderJanuary 7, 2026January 7, 20265 mins0

Microsoft’s Threat Intelligence team has alerted organizations that threat actors are increasingly exploiting misconfigured email routing and…