If you have any one address' private key and the xpub you can recover the private keys of all the addresses in the electrum wallet.
That's new to me!
Do you have any source where I can dive deeper in this subject?
See for example:
Keep in mind: XPUB and one private key will expose all private keys in the same HD wallet!!!:
This should be shown in RED CAPITAL LETTERS every time anyone creates a new HD wallet!!! I have been storing my bitcoins for years thinking they would be secure in my cold storage and never cared about compromized private keys of old addresses with zero balance. I've been lately throwing the priv keys of used addresses left and right to claim all airdrops/forks thinking that if the address does not have any BTC anymore, leaking its private key cannot cause any harm. I have also stored my xpub key on all my devices unencrypted to create watch-only wallets (any malware/hacker could have captured BOTH)
On the same page user
largely_useless adds this:
Keep in mind that this only goes for unhardened derivation. BIP44/49 uses hardened derivation on the account level, so the risk is limited to only the funds in the compromised account.