Cisco has released fresh patches to address what it described as a “critical” security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has been actively exploited as a zero-day in the wild. The vulnerability,…
Category: EN
NSFOCUS AI-Scan Gains Recognition from Authoritative Institution
SANTA CLARA, Calif., Jan 22, 2026 – Recently, International Data Corporation (IDC) released the report “China Large Language Model (LLM) Security Assessment Platform Vendor Technology Evaluation” (Doc#CHC53839325, October 2025). NSFOCUS was selected for this report based on its proven product performance…
Fortinet SSO Vulnerability Actively Exploited to Hack Firewalls and Gain Admin Access
A critical vulnerability in Fortinet’s Single Sign-On (SSO) feature for FortiGate firewalls, tracked as CVE-2025-59718, is under active exploitation. Attackers are leveraging it to create unauthorized local admin accounts, granting full administrative access to internet-exposed devices. Multiple users have reported…
Cisco Unified Communications 0-day RCE Vulnerability Exploited in the Wild to Gain Root Access
Cisco has disclosed a critical zero-day remote code execution (RCE) vulnerability, CVE-2026-20045, actively exploited in the wild. Affecting key Unified Communications products, this flaw allows unauthenticated attackers to run arbitrary commands on the underlying OS, potentially gaining root access. The…
A new framework helps banks sort urgent post-quantum crypto work from the rest
Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out a scoring framework that helps banks rank systems and business use cases based on quantum risk…
ISC Stormcast For Thursday, January 22nd, 2026 https://isc.sans.edu/podcastdetail/9776, (Thu, Jan 22nd)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, January 22nd, 2026…
macOS Tahoe improves privacy and communication safety
macOS Tahoe privacy and security features focus on screening unwanted contact, limiting tracking, and keeping more decisions on the device. Most updates run quietly in the background and require little setup. Built-in filtering for calls and messages Apple reduced exposure…
Cisco fixed actively exploited Unified Communications zero day
Cisco patched a critical zero-day RCE flaw (CVE-2026-20045) in Unified Communications and Webex Calling that is actively exploited in the wild. Cisco patched a critical zero-day remote code execution flaw, tracked as CVE-2026-20045 (CVSS score of 8.2), actively exploited in…
Top 8 cybersecurity predictions for 2026
<p>Look into our cybersecurity crystal ball for the rest of 2026, and you probably won’t be surprised to see a familiar acronym appear: AI.</p> <p>What’s new this year is that — three years after ChatGPT first burst into public consciousness…
Davos discussion mulls how to keep AI agents from running wild
Where the shiny new FOMO object collides with insider-threat reality AI agents arrived in Davos this week with the question of how to secure them – and prevent agents from becoming the ultimate insider threat – taking center stage during…
Microsoft updates the security baseline for Microsoft 365 Apps for enterprise
Microsoft has published version 2512 of its security baseline for Microsoft 365 Apps for enterprise. The baseline documents recommended policy settings for Office applications used in enterprise environments and maps those settings to current management tools. What the v2512 baseline…
What innovative practices secure AI-driven architectures?
How Do Non-Human Identities Strengthen AI Security Architectures? Is your organization fully prepared to handle the intricate demands of AI-driven systems? Non-Human Identities (NHIs) play a crucial role in securing AI architectures. By effectively managing these machine identities, organizations can…
Can AI manage cloud security effectively?
How Can AI Revolutionize Cloud Security Management? How do organizations ensure that their cloud environments are not just secure but intelligently managed? The answer lies in understanding the potential of AI in cloud security. With machines become predominant players in…
What makes NHIs safe for my company?
How Secure Are Non-Human Identities in Your Company’s Digital Strategy? Have you ever considered who—or rather, what—is accessing your company’s data? While we often focus on human users in cybersecurity strategies, non-human identities (NHIs) play a pivotal role in security…
How powerful is agentic AI in detecting threats?
Is Agentic AI the Key to Revolutionizing Threat Detection in Cybersecurity? Where organizations increasingly migrate to cloud environments, the complexity of safeguarding data intensifies. Cybersecurity is no longer just about protecting networks from human attackers but also about managing machine…
News alert: Reflectiz study finds most third-party web apps access sensitive data without justification
BOSTON, Jan. 21, 2026, CyberNewswire — Reflectiz today announced the release of its 2026 State of Web Exposure Research, revealing a sharp escalation in client?side risk across global websites, driven primarily by third?party applications, marketing tools, and unmanaged digital ……
Acting CISA chief defends workforce cuts, declares agency ‘back on mission’
Lawmakers in both parties expressed concerns about CISA losing roughly a thousand employees. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Acting CISA chief defends workforce cuts, declares agency ‘back on mission’
Iranian TV Transmission Hacked With Message from Exiled Prince
Unidentified hackers disrupted Iranian state television to broadcast messages from exiled Crown Prince Reza Pahlavi. Read about the economic crisis, the internet blackout, and the latest reports on the protest death toll. This article has been indexed from Hackread –…
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20045 Cisco Unified Communications Products Code Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors…
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?
CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or…