January, 2026 - Intrucept

Critical Ivanti EPMM Attacks Exploited RCE; Security Updates Released

Ivanti has disclosed two critical code injection vulnerabilities in its Endpoint Manager Mobile (EPMM) product that enable unauthenticated remote code execution and have been exploited in zero-day attacks.

Critical vm2 Node.js Vulnerability Allow Sandbox Escape & Arbitrary Code Execution

Critical vm2 Node.js Library Sandbox Escape Vulnerability

Critical Fortinet Vulnerability in FortiCloud SSO Authentication Bypass

FortiCloud Single Sign-On (SSO)

Surge in Cyber-Attacks Globally as Attackers Leverage AI; Check Point Report

AI-Driven Attacks Become More Autonomous

Microsoft Released Emergency Security Updates; Patches Microsoft Office 0-Day Vulnerability

Microsoft Released Emergency Security Updates

DNS CNAME Used as Relay Attack for New Kerberos-PoC Released

A dangerous flaw in how Windows environments handle Kerberos service ticket requests one that significantly expands the practical attack surface for Kerberos relaying in Active Directory.

MITRE ATT&CK Framework-2026 to Improve Cybersecurity Learning in Enterprise Environment

NSA Lays Guidelines for Zero Trust Implementation (ZIGs) for Orgs ; First in Series of ZeroTrust

The National Security Agency (NSA) is released the first two products in a series of Zero Trust Implementation Guidelines (ZIGs)

Cyberattack Campaign Targeted CISCO Products; Impacting Cisco AsyncOS Software; Security Updates Released

Cisco Patched Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Microsoft Fixes 113 Vulnerabilities & 1 Actively Exploited 0-Day in First Patch Released -Jan2026

Microsoft Patch Tuesday 2026 Jan

Month: January 2026