Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...
Dark Reading

Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...
SecurityWeek

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Eight Windows and Office vulnerabilities patched this month have been assigned a critical severity rating. A majority can be ...

Apple warning to all iPhone users over 'product's security' in latest update

Some of the issues addressed by Apple in its latest update, including a serious exploit that reportedly allowed 'extremely ...

Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list

CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the ...
Redmondmag.com

Zero-Day Attack Drives 113-Vulnerability Patch Tuesday Release to Start 2026

Microsoft rang in 2026 with its biggest January Patch Tuesday rollout in four years, shipping fixes for 113 vulnerabilities ...

Trend Micro releases critical security fixes for Apex Central RCE - so patch now

Trend Micro has patched a critical-severity vulnerability in Apex Central (on-premise) which allowed threat actors to run ...

Critical vulnerability in automation tool: n8n allows code smuggling

The popular tool for creating no-code workflows has four critical vulnerabilities, one with the highest score. Admins should ...

Trend Micro warns of critical Apex Central RCE vulnerability

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges.

Update your MyAsus software now because there's a fix for a nasty hack that could easily ruin your day

You can also manually prompt it to get the latest update via the Microsoft Store by booting it up and finding the app. The ...

IPOR Labs Loses $336K in Arbitrum Vault Exploit, Vows Full Refund

IPOR Labs suffered a $336,000 exploit targeting its USDC Fusion Optimizer vault on Arbitrum, with the attack exploiting a combination of legacy contract vulnerabilities and Ethereum’s newly ...