Overview
Description
Statistics
- 13 Posts
- 2 Interactions
Fediverse
‼️ CVE-2026-20805: Microsoft Windows Information Disclosure Vulnerability has been added to the CISA KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
0-day: Yes
CVSS: 5.5
This vulnerability was patched during January 13th, 2026 Patch Tuesday.
Here's a summary of the most important world, technology, and cybersecurity news from the last 24-48 hours:
World: A train crash in Thailand killed at least 22 people (Jan 14). US President Trump warned Iran amid protests and reaffirmed his desire to acquire Greenland (Jan 14).
Technology: Big Tech companies are heavily investing in energy infrastructure to power their AI ambitions amidst growing backlash over resource usage (Jan 14). Apple's status as a tech visionary is being questioned amidst the rapid AI advancements (Jan 14).
Cybersecurity: CISA and Microsoft patched an actively exploited Windows information disclosure vulnerability (CVE-2026-20805) (Jan 13-14). The World Economic Forum's 2026 outlook highlights enterprise security facing a "three-front war" from cybercrime, AI misuse, and supply chain attacks (Jan 13).
📰 CISA Mandates Patch for Exploited Windows Zero-Day Used in Attack Chains
🚨 CISA adds actively exploited Windows zero-day CVE-2026-20805 to its KEV catalog! The info-disclosure flaw in Desktop Window Manager is used to bypass ASLR in attack chains. Federal agencies must patch by Feb 3. ⚠️ #Windows #ZeroDay #Infosec
📰 Microsoft's January 2026 Patch Tuesday Fixes 114 Flaws, Including One Exploited Zero-Day
Microsoft's January 2026 Patch Tuesday is massive, fixing 114 vulnerabilities! 💻 The update includes 8 critical RCE flaws and one actively exploited zero-day (CVE-2026-20805). Prioritize patching now! #PatchTuesday #Microsoft #Cybersecurity
Microsoft Patch Day 2026-01
At the start of the year, Microsoft (MS) delivers patches for 113 security vulnerabilities - quite a lot. One of them (CVE-2026-20805) is already being exploited in attacks (zero-day); another (CVE-2026-21265) has been known for a long time but is not (yet) being used in attacks. Of the vulnerabilities now patched, MS rates 8 as critical, 5 of which are in MS Office components. MS rates the already exploited CVE-2026-20805 only as important (not as critical), make of that what you will. CISA has added this vulnerability to the KEV (Known Exploited Vulnerabilities) catalog and issued an order under which agencies
https://www.pc-fluesterer.info/wordpress/2026/01/14/microsoft-flickentag-2026-01/
#Warnung #0day #exploits #Microsoft #office #sicherheit #UnplugTrump #windows #zahlen #zeroday
Cyber Threat Intelligence Briefing – Jan. 14, 2026
Incident: Microsoft Windows users impacted by CVE-2026-20805 causing memory information disclosure
Date of Incident (ET): Unknown
Date of Disclosure (ET): Jan. 13, 2026
Summary: Microsoft addressed a zero-day vulnerability in Desktop Window Manager actively exploited to leak sensitive memory addresses. CISA added the flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to patch by Feb. 3.
Source: https://www.theregister.com/2026/01/14/patch_tuesday_january_2026/
Incident: Nissan Motor Corporation impacted by Everest ransomware causing data extortion threat
Date of Incident (ET): Jan. 10, 2026
Date of Disclosure (ET): Jan. 13, 2026
Summary: The Everest ransomware group listed Nissan on its leak site, claiming the theft of 900 gigabytes of data. The group has threatened to release dealership orders, sales records, and internal business communications if demands are unmet.
Source: https://www.scworld.com/brief/everest-ransomware-group-claims-nissan-breach-demands-response
Incident: Polish power system impacted by Russian-linked actor causing attempted disruption
Date of Incident (ET): December 2025
Date of Disclosure (ET): Jan. 13, 2026
Summary: Poland's energy minister confirmed the country repelled a massive cyberattack targeting communications between renewable installations and distribution operators. Officials attributed the failed attempt to disrupt critical infrastructure to Russian military intelligence actors.
Incident: Gogs repository service impacted by CVE-2025-8110 causing remote code execution
Date of Incident (ET): Unknown
Date of Disclosure (ET): Jan. 13, 2026
Summary: CISA warned of active exploitation of a high-severity path traversal flaw in the Gogs Git service. The vulnerability allows attackers to overwrite sensitive files and achieve code execution; approximately 700 instances have been compromised.
Source: https://thehackernews.com/2026/01/cisa-warns-of-active-exploitation-of.html
Incident: Betterment customers impacted by social engineering causing unauthorized PII access
Date of Incident (ET): Jan. 9, 2026
Date of Disclosure (ET): Jan. 12, 2026
Summary: Fintech firm Betterment confirmed a breach of third-party marketing systems via social engineering. Attackers accessed customer names and contact details to distribute fraudulent cryptocurrency scam notifications to users, though core accounts remained secure.
Bluesky
Overview
- Fortinet
- FortiSIEM
Description
Statistics
- 7 Posts
- 1 Interaction
Fediverse
‼️CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution
Exploit/PoC: https://github.com/horizon3ai/CVE-2025-64155
CVSS: 9.4
Published: Jan 13, 2026
Advisory: https://fortiguard.fortinet.com/psirt/FG-IR-25-772
https://horizon3.ai/attack-research/disclosures/cve-2025-64155-three-years-of-remotely-rooting-the-fortinet-fortisiem/
🚨 CVE-2025-64155: Critical unauthenticated OS command injection in Fortinet FortiSIEM which may allow an unauthenticated attacker to execute unauthorised code or commands via crafted TCP requests. (CVSS 9.8)
I've created a vulnerability detection script here:
https://github.com/rxerium/rxerium-templates/blob/main/2025/CVE-2025-64155.yaml
Patches are strongly advised. If you are unable to patch, it is recommended that you limit access to the phMonitor port (7900) as per Fortinet's advisory:
https://fortiguard.fortinet.com/psirt/FG-IR-25-772
Bluesky
Overview
- Microsoft
- Windows Server 2019
Description
Statistics
- 5 Posts
Fediverse
WDS server – CVE-2026-0386: the patch will affect answer files https://www.it-connect.fr/serveur-wds-cve-2026-0386-le-correctif-va-impacter-les-fichiers-de-reponse/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft #WDS
Bluesky
Overview
Description
Statistics
- 3 Posts
- 6 Interactions
Fediverse
Overview
- ServiceNow
- Now Assist AI Agents
Description
Statistics
- 3 Posts
Fediverse
Here's a digest of the most important news from the last 24 hours:
**World:**
US President Donald Trump ordered 25% tariffs on all countries doing business with Iran (Jan 13). The UN warned of alarming child malnutrition in Gaza, with nearly 95,000 cases in 2025.
**Technology:**
Google is set to integrate product purchases within its Gemini AI platform (Jan 13). Meta is reportedly laying off hundreds of employees in its metaverse division (Jan 13).
**Cybersecurity:**
The World Economic Forum's Global Cybersecurity Outlook 2026 highlights cybercrime, AI misuse, and supply chain risks as major threats. ServiceNow patched a critical AI platform flaw (CVE-2025-12420) on January 13, which could allow unauthenticated user impersonation.
Bluesky
Overview
- Kubernetes
- Kubernetes
Description
Statistics
- 2 Posts
- 15 Interactions
Fediverse
For anyone who's been to one of my #Kubernetes #Security talks over the last couple of years, you may have seen me mention "the unpatchable 4", which is a set of Kubernetes CVEs for which there are no patches; you need to mitigate them with configuration or architecture choices.
I've been meaning to write more about them, and finally got a chance so here's the first in a mini-series of posts looking at the CVEs and the underlying reasons they occur. This time it's CVE-2020-8554.
https://securitylabs.datadoghq.com/articles/unpatchable-kubernetes-vulnerabilities-cve-2020-8554/
Overview
- Microsoft
- Windows 10 Version 1809
Description
Statistics
- 4 Posts
- 4 Interactions
Fediverse
Guest Post: 115 CVEs Mark One of the Biggest January Patch Tuesdays Yet
By Tyler Reguly, Associate Director, Security R&D, Fortra
CISOs this month should be paying a lot of attention to CVE-2026-21265 and the guidance associated with it. More specifically, they should be looking at the Windows Secure Boot certificate expiration and CA Updates that Microsoft published June 26, 2025. When the Secure Boot certificates expire in June of this year, organizations that…
Bluesky
Overview
- appsmithorg
- appsmith
Description
Statistics
- 2 Posts
Fediverse
🚨 Critical (CVSS 9.6) vulnerability in Appsmith allows account takeover via Origin header manipulation in password reset/email verification flows.
I've created a vulnerability detection script here:
https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-22794.yaml
Reference:
https://github.com/appsmithorg/appsmith/security/advisories/GHSA-7hf5-mc28-xmcv
Overview
- agentfront
- enclave
Description
Statistics
- 2 Posts
Fediverse
🔴 CVE-2026-22686 - Critical (10)
Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.7.0, there is a critical sandbox escape vulnerability in enclave-vm that allows untrusted, sandboxed JavaScript code to execute arbitrary code in the host...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22686/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- Apache Software Foundation
- Apache Camel Neo4j
- org.apache.camel:camel-neo4j
Description
Statistics
- 1 Post
- 5 Interactions