Cyber Security News, MITRE ATT&CK Tactics & Techniques, Vulnerabilities Management, Cyber Kill Chain, Ransomware Attacks, CyberSecurity Alerts & Threat Advisories, IT Security, End Point Security, Security Updates

CVE-2026-21877: Critical n8n Arbitrary File Write Vulnerability Leading to Full Remote Code Execution

Vulnerabilities

AegironJanuary 7, 2026January 7, 202613 mins0

CVE Summary CVE ID: CVE-2026-21877Product: n8n (workflow automation platform)Vulnerability Type: Arbitrary File Write → Remote Code ExecutionSeverity:…

CVE-2025-69356: Critical Local File Inclusion in TheGem Elementor Plugin Enables File Disclosure and Potential RCE

Vulnerabilities

AegironJanuary 7, 2026January 7, 202610 mins0

CVE ID: CVE-2025-69356Product: CodexThemes – TheGem (Theme Elements for Elementor)Component: Elementor integration / dynamic template handlingVulnerability Type:…

CVE-2025-62877: Default SSH Credentials During Harvester Installation Enable Remote Host Takeover

Vulnerabilities

AegironJanuary 7, 2026January 7, 202610 mins0

Overview CVE-2025-62877 is a critical security issue affecting Harvester (SUSE Virtualization) when the platform is deployed using…

900K Users Exposed as Rogue Chrome Extensions Steal AI Chat Conversations

CyberSecurity News

CyberDefenderJanuary 7, 2026January 7, 20267 mins0

Cybersecurity researchers have uncovered two malicious Google Chrome extensions that secretly collected users’ AI chatbot conversations and…

UK Unveils £210m Cyber Shield to Protect Public Services

CyberSecurity News

CyberDefenderJanuary 6, 2026January 6, 20264 mins0

The UK Government has unveiled a £210 million investment aimed at strengthening cybersecurity and resilience across public…

CVE-2025-15385 Insufficient Verification of Data Authenticity in the TECNO Mobile

Threat Advisories

CyberDefenderJanuary 6, 2026January 6, 20262 mins0

Insufficient Verification of Data Authenticity in the TECNO Mobile com.Afmobi.Boomplayer app that can allow an authentication bypass.…

Judge Orders OpenAI to Hand Over 20 Million Anonymized ChatGPT Chats in Copyright Fight

CyberSecurity News

CyberDefenderJanuary 6, 2026January 6, 20264 mins0

Sidney H. Stein, a district judge in the Southern District of New York, on January 5, 2026,…

When a “New Booking” Becomes a Breach: DCRat Malware Targets Europe’s Hospitality Sector

Cyber Threat Intelligence

AegironJanuary 6, 2026January 6, 202610 mins0

Executive Summary A sustained malware campaign is actively targeting hospitality organizations across Europe using fraudulent booking-related emails…

CVE-2023-50897 — Media File Renamer plugin for WordPress Plugin Vulnerability

Vulnerabilities

CyberDefenderJanuary 6, 2026January 6, 20263 mins0

CVE-2023-50897 is a critical security vulnerability affecting the Media File Renamer plugin for WordPress (by Meow Apps).…

CVE-2026-0621: Single-Request Denial of Service in MCP TypeScript SDK via Catastrophic Regex Backtracking

Vulnerabilities

AegironJanuary 6, 2026January 6, 20269 mins0

Vulnerability Overview (At-a-Glance) Executive Summary CVE-2026-0621 is a denial-of-service vulnerability caused by unsafe regular expression construction in…