Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
The Hacker News

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.
The Hacker News

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

CISA added VMware vCenter vulnerability CVE-2024-37079 to its KEV list after confirmed in-the-wild exploitation, urging ...
CSO Online

January 2026 Microsoft Patch Tuesday: Actively exploited zero day needs attention

Eight critical vulnerabilities and an actively exploited zero day highlight Microsoft’s first Patch Tuesday announcements for 2026. Most of the higher scoring vulnerabilities impact Office products, ...
SecurityWeek

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet patches six vulnerabilities, including critical flaws in FortiFone and FortiSIEM leading to configuration leak and ...
Dark Reading

Europe's GCVE Raises Concerns Over Fragmentation in Vulnerability Databases

GCVE would enhance global collaboration, flexibility, and efficiency in tracking vulnerabilities. Duplicate entries and ...
Dark Reading

Vulnerabilities Surge, But Messy Reporting Blurs Picture

MITRE loses its lead as the top reporter of vulnerabilities, while new organizations pump out CVEs and reported bugs in ...