Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly ...

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...

Govt Warns Against This Security Bug Hackers Use to Access Company Data

The National Computer Emergency Response Team (National CERT) has issued a critical advisory warning organizations about a ...
Security Boulevard

Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
CSO Online

January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention

Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...
Infosecurity Magazine

SHADOW#REACTOR Campaign Uses Text-Only Staging to Deploy Remcos RAT

SHADOW#REACTOR is a multi-stage Windows malware campaign that stealthily deploys the Remcos RAT using complex infection ...
Cloud Security Alliance

Reimagining the Browser as a Critical Policy Enforcement Point: A Zero Trust Security Architecture for Modern Enterprises

Explores turning the browser into a policy enforcement point within a Zero Trust framework, covering governance, MFA, device ...
SecurityWeek

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet patches six vulnerabilities, including critical flaws in FortiFone and FortiSIEM leading to configuration leak and ...
Dark Reading

'Most Severe AI Vulnerability to Date' Hits ServiceNow

ServiceNow tacked agentic AI onto a largely unguarded legacy chatbot, exposing customers' data and connected systems.
LancasterOnline

Lancaster County government calendar: Jan. 12, 2026

Conestoga Valley School District Board of Directors will meet at 7 p.m. Monday, Jan. 12 in the district administration board ...