Here's a summary of the most important world, technology, and cybersecurity news from the last 24-48 hours:

World: A train crash in Thailand killed at least 22 people (Jan 14). US President Trump warned Iran amid protests and reaffirmed his desire to acquire Greenland (Jan 14).

Technology: Big Tech companies are heavily investing in energy infrastructure to power their AI ambitions amidst growing backlash over resource usage (Jan 14). Apple's status as a tech visionary is being questioned amidst the rapid AI advancements (Jan 14).

Cybersecurity: CISA and Microsoft patched an actively exploited Windows information disclosure vulnerability (CVE-2026-20805) (Jan 13-14). The World Economic Forum's 2026 outlook highlights enterprise security facing a "three-front war" from cybercrime, AI misuse, and supply chain attacks (Jan 13).

#News #Anonymous #AnonNews_irc

📰 CISA Mandates Patch for Exploited Windows Zero-Day Used in Attack Chains

🚨 CISA adds actively exploited Windows zero-day CVE-2026-20805 to its KEV catalog! The info-disclosure flaw in Desktop Window Manager is used to bypass ASLR in attack chains. Federal agencies must patch by Feb 3. ⚠️ #Windows #ZeroDay #Infosec

🔗 https://cyber.netsecops.io/articles/cisa-mandates-patch-for-actively-exploited-windows-zero-day-cve-2026-20805/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

📰 Microsoft's January 2026 Patch Tuesday Fixes 114 Flaws, Including One Exploited Zero-Day

Microsoft's January 2026 Patch Tuesday is massive, fixing 114 vulnerabilities! 💻 The update includes 8 critical RCE flaws and one actively exploited zero-day (CVE-2026-20805). Prioritize patching now! #PatchTuesday #Microsoft #Cybersecurity

🔗 https://cyber.netsecops.io/articles/microsoft-january-2026-patch-tuesday-fixes-114-vulnerabilities/?utm_source=mastodon&utm_medium=social…

Microsoft patched an actively exploited Windows DWM flaw (CVE-2026-20805) in January Patch Tuesday.

CISA added it to the KEV list within hours, warning of real-world attacks.
Patch now. Medium severity, high impact when chained.

#Windows #PatchTuesday #CyberSecurity #CVE

Microsoft Flickentag 2026-01

Zum Beginn des Jahres bringt Microsoft (MS) Flicken für 113 Sicherheitslücken - eine ganze Menge. Von denen wird eine (CVE-2026-20805) bereits für Angriffe ausgenutzt (Zero-Day); eine andere (CVE-2026-21265) war schon lange bekannt, aber wird (noch) nicht für Angriffe genutzt. Von den jetzt geflickten Sicherheitslücken stuft MS 8 als kritisch ein, 5 von denen stecken in Komponenten von MS-Office. Die bereits ausgenutzte CVE-2026-20805 stuft MS nur als wichtig (nicht als kritisch) ein, das verstehe wer will. Die CISA hat diese Lücke in den KEV (Known Exploited Vulnerabilities) Katalog aufgenommen und eine Order erlassen, nach der Behörden

https://www.pc-fluesterer.info/wordpress/2026/01/14/microsoft-flickentag-2026-01/

#Warnung #0day #exploits #Microsoft #office #sicherheit #UnplugTrump #windows #zahlen #zeroday

Cyber Threat Intelligence Briefing – Jan. 14, 2026

Incident: Microsoft Windows users impacted by CVE-2026-20805 causing memory information disclosure

Date of Incident (ET): Unknown

Date of Disclosure (ET): Jan. 13, 2026

Summary: Microsoft addressed a zero-day vulnerability in Desktop Window Manager actively exploited to leak sensitive memory addresses. CISA added the flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by Feb. 3.

Source: https://www.theregister.com/2026/01/14/patch_tuesday_january_2026/

Incident: Nissan Motor Corporation impacted by Everest ransomware causing data extortion threat

Date of Incident (ET): Jan. 10, 2026

Date of Disclosure (ET): Jan. 13, 2026

Summary: The Everest ransomware group listed Nissan on its leak site, claiming the theft of 900 gigabytes of data. The group has threatened to release dealership orders, sales records, and internal business communications if demands are unmet.

Source: https://www.scworld.com/brief/everest-ransomware-group-claims-nissan-breach-demands-response

Incident: Polish power system impacted by Russian-linked actor causing attempted disruption

Date of Incident (ET): December 2025

Date of Disclosure (ET): Jan. 13, 2026

Summary: Poland's energy minister confirmed the country repelled a massive cyberattack targeting communications between renewable installations and distribution operators. Officials attributed the failed attempt to disrupt critical infrastructure to Russian military intelligence actors.

Source: https://www.straitstimes.com/world/europe/massive-cyberattack-on-polish-power-system-in-december-failed-minister-says

Incident: Gogs repository service impacted by CVE-2025-8110 causing remote code execution

Date of Incident (ET): Unknown

Date of Disclosure (ET): Jan. 13, 2026

Summary: CISA warned of active exploitation of a high-severity path traversal flaw in the Gogs Git service. The vulnerability allows attackers to overwrite sensitive files and achieve code execution; approximately 700 instances have been compromised.

Source: https://thehackernews.com/2026/01/cisa-warns-of-active-exploitation-of.html

Incident: Betterment customers impacted by social engineering causing unauthorized PII access

Date of Incident (ET): Jan. 9, 2026

Date of Disclosure (ET): Jan. 12, 2026

Summary: Fintech firm Betterment confirmed a breach of third-party marketing systems via social engineering. Attackers accessed customer names and contact details to distribute fraudulent cryptocurrency scam notifications to users, though core accounts remained secure.

Source: https://techcrunch.com/2026/01/12/fintech-firm-betterment-confirms-data-breach-after-hackers-send-fake-crypto-scam-notification-to-users/

‼️CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution

Exploit/PoC: https://github.com/horizon3ai/CVE-2025-64155

CVSS: 9.4
Published: Jan 13, 2026

Writeup: https://horizon3.ai/attack-research/disclosures/cve-2025-64155-three-years-of-remotely-rooting-the-fortinet-fortisiem/

Advisory: https://fortiguard.fortinet.com/psirt/FG-IR-25-772

🚨 CVE-2025-64155: Critical unauthenticated OS command injection in Fortinet FortiSIEM which may allow an unauthenticated attacker to execute unauthorised code or commands via crafted TCP requests. (CVSS 9.8)

I've created a vulnerability detection script here:
https://github.com/rxerium/rxerium-templates/blob/main/2025/CVE-2025-64155.yaml

Patches are strongly advised. If you are unable to patch it is recommended that you limit access to the phMonitor port (7900) as per Fortinet's advisory:
https://fortiguard.fortinet.com/psirt/FG-IR-25-772

Serveur WDS – CVE-2026-0386 : le correctif va impacter les fichiers de réponse https://www.it-connect.fr/serveur-wds-cve-2026-0386-le-correctif-va-impacter-les-fichiers-de-reponse/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft #WDS

There's the DoS.

CVSS-BT: 7.7 / CVSS-B: 8.7 (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/AU:Y/R:U/V:D/RE:M/U:Amber)

https://security.paloaltonetworks.com/CVE-2026-0227

@cR0w cve-2026-0227 seems spicy

For anyone who's been to one of my #Kubernetes #Security talks over the last couple of years, you may have seen me mention "the unpatchable 4", which is a set of Kubernetes CVEs for which there are no patches, you need to mitigate them with configuration or architecture choices.

I've been meaning to write more about them, and finally got a chance so here's the first in a mini-series of posts looking at the CVEs and the underlying reasons they occur. This time it's CVE-2020-8554.

https://securitylabs.datadoghq.com/articles/unpatchable-kubernetes-vulnerabilities-cve-2020-8554/

🔴 CVE-2026-22686 - Critical (10)

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22686/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Microsoft Flickentag 2026-01

Zum Beginn des Jahres bringt Microsoft (MS) Flicken für 113 Sicherheitslücken - eine ganze Menge. Von denen wird eine (CVE-2026-20805) bereits für Angriffe ausgenutzt (Zero-Day); eine andere (CVE-2026-21265) war schon lange bekannt, aber wird (noch) nicht für Angriffe genutzt. Von den jetzt geflickten Sicherheitslücken stuft MS 8 als kritisch ein, 5 von denen stecken in Komponenten von MS-Office. Die bereits ausgenutzte CVE-2026-20805 stuft MS nur als wichtig (nicht als kritisch) ein, das verstehe wer will. Die CISA hat diese Lücke in den KEV (Known Exploited Vulnerabilities) Katalog aufgenommen und eine Order erlassen, nach der Behörden

https://www.pc-fluesterer.info/wordpress/2026/01/14/microsoft-flickentag-2026-01/

#Warnung #0day #exploits #Microsoft #office #sicherheit #UnplugTrump #windows #zahlen #zeroday

Haven't seen a cypher injection for a while. This one is in Apache Camel-Neo4j.

https://camel.apache.org/security/CVE-2025-66169.html

　XserverからMastodonに関して重大かつ緊急性の高いセキュリティ脆弱性が確認されたとのことで昨日メールが届いていた。@mstdn.mrmts.com のMastodonの現在のバージョンはv4.5.4です。ちのみに、@mstdn.jp のMastodonのバージョンはv4.1.25です。以下転載。

■発表された脆弱性
　CVE-2026-22245

■影響を受ける環境
　Mastodonをご利用の環境

■脆弱性を確認したバージョン
　v4.2.29未満
　v4.3.17未満
　v4.4.11未満
　v4.5.4未満

■脆弱性の影響
　脆弱性の悪用により、第三者がサーバー内部の情報へ
　不正にアクセスし、機密情報が漏洩する恐れがあります。

■対策
　開発元の指示に従い、脆弱性が修正された最新バージョンへのアップデート
　を適用してください。

■詳細について（外部サイト）
　https://nvd.nist.gov/vuln/detail/CVE-2026-22245