Microsoft stacks up 113 CVEs for January Patch Tuesday
Categories: X-ops
Tags: Patch Tuesday, Microsoft, Windows
Similar Posts
Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor
Bys sRussian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unknown Group 901). “The campaign is aimed at targeting employees of Voronezh Aircraft Production…
SEC Files Charges Over $14 Million Crypto Scam Using Fake AI-Themed Investment Tips
Bys sThe U.S. Securities and Exchange Commission (SEC) has filed charges against multiple companies for their alleged involvement in an elaborate cryptocurrency scam that swindled more than $14 million from retail investors. The complaint charged crypto asset trading platforms Morocoin Tech Corp., Berge Blockchain Technology Co., Ltd., and Cirkor Inc., as well as investment clubs AI…
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation in the wild. The high-severity vulnerability, CVE-2026-22719 (CVSS score: 8.1), has been described as a case of command injection that could allow an
Army gynecologist took secret videos of patients during intimate exams, lawsuit says
Bys sCourtney Kube reports: An Army gynecologist took secret intimate videos of a patient under his care at Fort Hood in Texas, according to a lawsuit filed Monday. The lawsuit says that the woman is believed to be one of scores who were preyed upon by Dr. Blaine McGraw and that Army leadership had allowed him to……
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
Bys sA new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecting the browser to services like Gmail and Google Drive to automate…
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Bys sGoogle on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by…