Cyber Daily 1/14: Microsoft Zero-Day Exploit, Gogs Vulnerability Alert, CISA's Expanding KEV List, Adobe's Critical Fixes

Welcome to the January 14th edition of ONSEC Cyber Daily, where we unravel the latest in cybersecurity threats and defenses. Today, we dive into a critical vulnerability that has rocked the tech world: the Desktop Window Manager flaw, CVE-2026-20805, now spotlighted in CISA's Known Exploited Vulnerabilities catalog. This zero-day bug, actively exploited, underscores the persistent threat landscape as Microsoft rolls out its first Patch Tuesday of 2026, addressing over a hundred vulnerabilities. Meanwhile, the Gogs path traversal vulnerability remains a pressing concern, with no patch in sight, highlighting the relentless nature of cyber threats. Join us as we explore these developments and their implications for cybersecurity resilience.

Exploits Alert

  1. Hacked: Desktop Windows Manager vulnerability added to CISA's KEV catalogue: The US Cybersecurity and Infrastructure Security Agency (CISA) has added a newly addressed vulnerability, CVE-2026-20805, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability in the Desktop Window Manager is a significant risk as it is a frequent attack vector for malicious actors. The addition highlights the ongoing threat landscape and the need for vigilance in patch management. Source: Cyber Daily.
  2. Windows info-disclosure 0-day bug gets a fix and CISA alert: A critical information disclosure vulnerability in Windows has been patched following an alert from CISA. This zero-day bug posed significant risks to federal enterprises, underlining the importance of timely updates and patches to mitigate potential cyber threats. The fix is part of Microsoft's ongoing efforts to address software defects and enhance cybersecurity defenses. Source: The Register.
  3. Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day: Microsoft's latest Patch Tuesday release includes fixes for 112 defects, with a focus on an actively exploited zero-day vulnerability. This comprehensive update is crucial for maintaining security across Microsoft products, emphasizing the company's commitment to addressing cybercrime and vulnerability management. Users are urged to apply these patches promptly to protect against potential exploits. Source: CyberScoop.
  4. Adobe Patches Critical Apache Tika Bug in ColdFusion: Adobe has released a patch for a critical vulnerability in Apache Tika, used in its ColdFusion product. This flaw could potentially lead to severe security breaches if left unaddressed. Alongside this, Adobe also fixed a medium-severity vulnerability in Substance 3D Designer, highlighting the importance of regular updates to prevent memory leaks and other security issues. Source: SecurityWeek.
  5. CISA Flags Actively Exploited Gogs Vulnerability With No Patch: A high-severity security flaw in the self-hosted Git service Gogs is being actively exploited, prompting a warning from CISA. This path traversal vulnerability, CVE-2025-8110, remains unpatched, posing a significant threat to users of the service. The ongoing malicious activity underscores the critical need for enhanced security measures and monitoring. Source: Infosecurity Magazine.

Vulnerabilities & Patches

  1. Microsoft January 2026 Patch Tuesday Fixes 114 Flaws, Including 3 Zero-Days: Microsoft has released a comprehensive patch addressing 114 vulnerabilities, including three zero-day exploits. Among these, CVE-2026-20805 stands out as an information disclosure flaw in the Desktop Window Manager, allowing unauthorized access to sensitive data. This patch is critical for maintaining system security against active exploitation. Source: GBHackers
  2. Update your iPhone to iOS 18.6 Now to Keep it Safe from Security Threats: Apple has released iOS 18.6 to address several security vulnerabilities, including CVE-2025-6558. This update is crucial for protecting iPhone users from potential breaches and ensuring the integrity of their devices. Users are strongly advised to update immediately to mitigate risks. Source: MSN
  3. January 2026 Microsoft Patch Tuesday: Actively Exploited Zero Day Needs Attention: This month's Patch Tuesday includes a fix for CVE-2026-20843, a vulnerability allowing privilege escalation in Windows services. The patch is vital for preventing unauthorized access and maintaining system security, especially given its active exploitation status. Source: CSO Online
  4. Microsoft Patches Zero-Day, Kills Legacy Windows Drivers: The update addresses CVE-2026-20805, a zero-day vulnerability in the Windows Desktop Window Manager. This flaw has been actively targeted, making the patch essential for safeguarding systems against unauthorized data access. The update also removes outdated Windows drivers, enhancing overall system security. Source: SecurityBrief Australia
  5. Data Theft, SSRF Intrusions Likely with Critical Apache Struts 2 Bug: A critical vulnerability, CVE-2025-68493, in Apache Struts 2 could lead to data theft and SSRF intrusions. This flaw necessitates immediate patching to prevent potential exploitation and protect sensitive information from unauthorized access. Organizations using Apache Struts 2 should prioritize this update. Source: SC Media

Podcasts

  1. Cyber Fraud Takes the Lead: What the Shift Away From Ransomware Signals for Enterprises: This podcast explores the evolving landscape of cyber threats, highlighting a shift from traditional ransomware attacks to more sophisticated cyber fraud schemes. It discusses the implications for enterprises and how they can adapt their security strategies to mitigate these emerging risks. Source: Security Boulevard
  2. Inside the SMB Threat Landscape: AT&T's Senthil Ramakrishnan on Why Small Businesses are Cybercrime's Favorite Target: This episode delves into the unique cybersecurity challenges faced by small and medium businesses (SMBs). Senthil Ramakrishnan from AT&T discusses why SMBs are increasingly targeted by cybercriminals and offers insights into effective defense strategies. Source: CSO Online
  3. N2K CyberWire Network Welcomes W2 Communications' Inside the Media Minds Podcast: This podcast series, now part of the N2K CyberWire Network, offers a deep dive into the intersection of media and cybersecurity. It provides listeners with expert insights and analysis on how media professionals are navigating the evolving cyber threat landscape. Source: The CyberWire
  4. Intezer CEO Shows How AI Revolutionizes Cybersecurity: This podcast episode features the CEO of Intezer discussing the transformative impact of artificial intelligence on cybersecurity. It covers how AI is being leveraged to enhance cyber defense mechanisms and counter cyber espionage activities. Source: The Jerusalem Post
  5. Beyond the Noise: How Next-Generation SIEM Solutions Are Redefining Cybersecurity: This podcast examines the role of next-generation Security Information and Event Management (SIEM) solutions in modern cybersecurity. It highlights how these advanced tools are helping organizations to better detect and respond to threats in real-time. Source: Security Boulevard

Final Words

As we wrap up today's edition of ONSEC Cyber Daily, it's clear that the digital landscape is ever-evolving, with new vulnerabilities like CVE-2026-20805 in the Desktop Window Manager being added to CISA's KEV catalog. This highlights the critical need for vigilance and proactive measures in cybersecurity. Remember, staying informed is your first line of defense against cyber threats. We hope you found today's insights valuable. If you did, please consider sharing this newsletter with your friends and colleagues. Together, we can build a more secure digital world, one informed reader at a time. Stay safe, stay secure, and see you in the next edition!
