WatchGuard Firebox OS patches critical security flaw

Automated attacks are targeting Fortinet FortiGate devices, creating unauthorized accounts and stealing firewall data. A recent patch from Fortinet may not be as effective as anticipated. The issue was reported on January 23, 2026.

January 27, 2026 Reported by AI

Microsoft has issued an emergency patch for a worrying security flaw in its Office software. The vulnerability could allow hackers to access users' files if not updated promptly. The patch was released to address this critical issue.

Ongoing exploitation of the React2Shell vulnerability (CVE-2025-55182)—previously detailed in coverage of China-nexus and cybercriminal campaigns—now includes widespread Linux backdoor installations, arbitrary command execution, and large-scale theft of cloud credentials.

January 21, 2026 Reported by AI

NVIDIA has released an urgent security update to address a high-severity vulnerability in its NSIGHT Graphics tool for Linux systems. The flaw, identified as CVE-2025-33206, could enable attackers to execute arbitrary code if exploited. Affected users are urged to upgrade immediately to mitigate risks.

Motherboards produced by major manufacturers including Gigabyte, MSI, ASUS, and ASRock are reportedly vulnerable to a new attack exploiting a UEFI flaw. This vulnerability allows direct memory access attacks on many popular devices. The issue was highlighted in a TechRadar report published on December 22, 2025.

December 13, 2025 Reported by AI

Apple began rolling out iOS 26.2 on December 12, 2025, patching two zero-day WebKit vulnerabilities actively exploited in sophisticated targeted attacks, plus over two dozen other bugs. The update adds UI improvements like expanded Liquid Glass customization and app features for Apple Music, Podcasts, and more. Companion updates for iPadOS, macOS, watchOS, tvOS, and visionOS focus on convenience and security. At least half of iPhone owners have yet to update to iOS 26 or later, risking exposure.