CVE-2025-23554 vulnerability in Jakub Glos Off Page SEO allows Reflected XSS Threat Advisories CyberDefenderDecember 30, 2025December 30, 20252 mins0 CVE-2025-23554 is a high-severity security vulnerability classified as Improper Neutralization of Input During Web Page Generation —…continue reading..
ColdFusion Servers Under Fire: Millions of Live Attacks Are Happening Right Now Cyber Threat Intelligence AegironDecember 30, 2025December 30, 20259 mins0 Security Alert Issued: December 29, 2024Attack Type: Mass exploitation campaign / webshell deploymentPrimary Target: Adobe ColdFusion application…continue reading..
January 2026 Countdown: Sweden’s NIS2 Cybersecurity Act CyberSecurity News CyberDefenderDecember 30, 2025December 30, 20256 mins0 The Cybersecurity Act (Swedish: Cybersäkerhetslagen) is Sweden’s national law transposing the EU’s NIS2 Directive into domestic legislation.…continue reading..
Codefinger: The Ransomware That Doesn’t Infect Your Servers — It Erases Your Cloud Cyber Threat Intelligence AegironDecember 30, 2025December 30, 202511 mins0 Threat Advisory Date: December 30, 2024Threat Name: Codefinger RansomwareTarget Platform: Amazon Web Services (AWS) S3Classification: Cloud-Native Ransomware…continue reading..
When Updates Turn Malicious: EmEditor Supply Chain Breach Exposes Developers to Credential Theft Cyber Threat Intelligence AegironDecember 30, 2025December 30, 202511 mins0 Incident Report Date: December 30, 2024Attack Classification: Supply Chain Compromise / Software Distribution Channel AttackSeverity: CRITICALThreat Actor:…continue reading..
When Opening Code Becomes Running Code: Inside CVE-2025-68120 and the Hidden Risk in Developer Tools Threat Advisories AegironDecember 30, 2025December 30, 202511 mins0 A Deep Dive into the Visual Studio Code Go Extension Vulnerability Developer tools are often treated as…continue reading..
Copilot Studio Wasn’t Hacked — It Was Trusted Too Much Cyber Threat Intelligence AegironDecember 30, 2025December 30, 20255 mins0 What’s actually happening with Copilot Studio The issue isn’t that Microsoft Copilot Studio itself was “hacked” in…continue reading..
CVE-2025-69217: coturn TURN/STUN Server Predictable Random Number Generation Vulnerability Threat Advisories AegironDecember 30, 2025December 30, 202512 mins0 Vulnerability Overview CVE Identifier: CVE-2025-69217Affected Software: coturn (TURN / STUN Server Implementation)Vulnerable Versions: 4.6.2-r5 through 4.7.0-r4Fixed Version:…continue reading..
EDR Goes Blind: ToneShell Protected by a Kernel-Mode Rootkit Malware CyberDefenderDecember 30, 2025December 30, 20256 mins0 A China-linked advanced persistent threat (APT) — associated with Mustang Panda and also tracked as Hive0154 —…continue reading..
CVE-2025-15068 – Missing Authorization in Gmission Web Fax Threat Advisories CyberDefenderDecember 29, 2025December 29, 20258 mins0 Title: Missing Authorization in Gmission Web Fax (privilege abuse / session credential falsification)Published: 29 Dec 2025Severity: High…continue reading..
