CISA Mandates Patches for Exploited Windows & Gogs Zero-Days; Ransomware Cripples Hospital & Energy Giant Breached
Summary
In the last 24 hours, the cybersecurity landscape has been dominated by critical vulnerability disclosures and high-impact cyberattacks. The U.S. CISA has added two actively exploited zero-day vulnerabilities to its KEV catalog: a Windows information disclosure flaw (CVE-2026-20805) and a Gogs RCE flaw (CVE-2025-8110), mandating urgent action from federal agencies. In Europe, a suspected ransomware attack crippled Belgium's AZ Monica hospital, forcing the transfer of critical patients, while Spanish energy giant Endesa confirmed a massive data breach with a threat actor claiming to hold data on 20 million people. These incidents are compounded by new threat intelligence on evolving tactics from Russian GRU hackers and a strategic shift in the ransomware ecosystem towards encryptionless extortion.
Today's New Articles
CISA Mandates Patch for Exploited Windows Zero-Day Used in Attack Chains
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a zero-day vulnerability in the Windows Desktop Window Manager (CVE-2026-20805) by February 3, 2026. The medium-severity information disclosure flaw is being...
Spanish Energy Giant Endesa Hit by Massive Data Breach, 20M Records Allegedly For Sale
Spain's largest electric utility, Endesa, has confirmed a data breach after detecting unauthorized access to a commercial platform. The company admitted that customer PII, contact details, and bank account IBANs were potentially exposed. The situation is ampli...
Pax8 Data Leak Exposes Sensitive MSP and Customer Info via Accidental Email
Cloud commerce marketplace Pax8 has confirmed a data exposure incident caused by human error. On January 13, an employee mistakenly sent an email containing a CSV file with sensitive, non-PII business data for approximately 1,800 Managed Service Provider (MSP)...
CISA Warns of Critical Flaws in Rockwell & YoSmart ICS Equipment
CISA has released several Industrial Control Systems (ICS) advisories, warning of significant vulnerabilities in widely deployed equipment from Rockwell Automation and YoSmart. A high-severity SQL injection flaw (CVE-2025-12807) in Rockwell's FactoryTalk platf...
Russian GRU Hackers (APT28) Evolve Credential-Harvesting Tactics
The Russian GRU-linked threat group BlueDelta, also known as APT28 or Fancy Bear, has been observed refining its credential-harvesting operations. According to research from Recorded Future, campaigns between February and September 2025 targeted energy, defens...
Russian Hackers Target Ukrainian Military with "PluggyApe" Malware
A Russian-linked hacking group, Void Blizzard (also known as UAC-0190), has been targeting the Ukrainian Defense Forces with a new cyber-espionage campaign. According to CERT-UA, the attacks, which occurred between October and December 2025, use a novel malwar...
ConnectPOS Exposed Admin GitHub Token for Over Four Years, Creating Massive Supply Chain Risk
Point-of-sale vendor ConnectPOS exposed a GitHub Personal Access Token (PAT) with full administrative privileges in its public documentation for over four years, from September 2021 until its discovery in January 2026. The blunder, found by security firm Sanse...
Microsoft's January 2026 Patch Tuesday Fixes 114 Flaws, Including One Exploited Zero-Day
Microsoft has released its first Patch Tuesday of 2026, a substantial update that addresses 114 security vulnerabilities across a wide range of its products, including Windows, Office, Azure, and SharePoint. The release includes fixes for eight critical remote...
Article Updates
Ransomware Evolves: Groups Recruit Insiders, Add DDoS as Profits Fall
Update: Recent analysis reveals a significant shift in ransomware tactics, with threat actors moving towards 'extortion-only' attacks that forgo data encryption entirely. Instead, they focus on silent, long-term data exfiltration, followed by threats to leak stolen in...