CyberNews: 14/01/2026 Edition

Published by Dunateo on 2026-01-14

Today’s roundup

  • Patch Tuesday, January 2026 Edition
  • U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog
  • Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution
  • Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow
  • Taiwan Endures Greater Cyber Pressure From China
  • More than 40 countries impacted by North Korea IT worker scams, crypto thefts
  • Dutch court convicts hacker who exploited port networks for drug trafficking
  • New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification
  • Monroe University says 2024 data breach affects 320,000 people
  • Victorian Department of Education says hackers stole students’ data
Summary

    Microsoft's January 2026 Patch Tuesday addressed 113 security flaws, including eight critical vulnerabilities and one actively exploited zero-day, CVE-2026-20805, affecting the Desktop Window Manager. This flaw could be chained with other exploits to bypass Address Space Layout Randomization (ASLR). The updates also removed outdated modem drivers and highlighted a critical Secure Boot bypass related to expiring certificates. Additionally, Mozilla Firefox received updates for 34 vulnerabilities, with two suspected of active exploitation.

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-20805, a Microsoft Windows Desktop Window Manager vulnerability, to its Known Exploited Vulnerabilities (KEV) catalog, requiring federal agencies to address this actively exploited information disclosure flaw by February 3, 2026.

    Fortinet has released updates to fix a critical OS injection vulnerability, CVE-2025-64155, in FortiSIEM, rated 9.4 on the CVSS scale. This flaw allows an unauthenticated attacker to achieve remote code execution on susceptible instances.

    A critical security issue in Node.js, impacting virtually all production Node.js applications, has been patched. The vulnerability, caused by an async_hooks stack overflow, could lead to a denial-of-service condition.

    Taiwan's critical infrastructure, including energy utilities and hospitals, experienced a 6% increase in Chinese cyberattacks in 2025, averaging 2.63 million attacks daily, highlighting escalating geopolitical cyber pressure.

    A new United Nations report details how North Korea's extensive cyber operations, including IT worker scams and cryptocurrency thefts, impact over 40 countries and are used to fund its nuclear and ballistic weapons programs.

    A Dutch appeals court has sentenced a 44-year-old hacker to seven years in prison for exploiting port networks to facilitate cocaine trafficking. The hacker installed malware via a bribed Antwerp port worker, gaining remote access to container, gate, and access-control systems, and manipulating records to smuggle 210 kg of cocaine.

    New research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, a significant increase from 51% in 2024. The study also noted spikes in malicious activity within government and education sectors, with specific third-party vendors identified as primary sources of violations.

    Monroe University disclosed a December 2024 cyberattack that resulted in the theft of personal, financial, and health information belonging to over 320,000 individuals.

    The Department of Education in Victoria, Australia, has notified parents of a data breach in which attackers gained unauthorized access to a database containing personal information of current and former students.

    Want to dig deeper?

    Vulnerabilities

    CVE-2026-20805 Medium
    CVE-2025-64155 Medium