🐛 COMMON VULNERABILITIES AND EXPOSURES 12[−]
16 JanChromium: CVE-2026-0907 Incorrect security UI in Split ViewThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0906 Incorrect security UIThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0905 Insufficient policy enforcement in NetworkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0904 Incorrect security UI in Digital CredentialsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0903 Insufficient validation of untrusted input in DownloadsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0901 Inappropriate implementation in BlinkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0899 Out of bounds memory access in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanCVE-2026-21223 Microsoft Edge (Chromium-based) Security Feature Bypass VulnerabilityMicrosoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to ex…MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0908 Use after free in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0900 Inappropriate implementation in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
16 JanChromium: CVE-2026-0902 Inappropriate implementation in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 2[−]
16 JanStaples Slips Up On Data RemovalCybersecurity Challenges: Data Privacy Failures, AI Risks, and New Malware Threats In this episode of Cybersecurity Today, host David Shipley covers a range of pressing issues. The discussion kicks off with Staples Canada reselling laptops without wiping customer data, highlighti…CYBERSECURITYTODAY.LIBSYN.COM
16 JanThreat and Vulnerability Management in 2026Understand the future of threat and vulnerability management (TVM). Learn what TVM is, why traditional tools fail, and how intelligence is essential in today’s landscape.RECORDEDFUTURE.COM
🔥 INCIDENT REPORTING 1[−]
16 JanWeekly Update 486Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite I’m in Oslo! Flighty is telling me I’ve flown in or out of here 43 times since a visit in 2014 set me on a new path profe…TROYHUNT.COM
🕵️ THREAT INTELLIGENCE 1[−]
16 JanWhy LinkedIn is a hunting ground for threat actors – and how to protect yourselfThe business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they are.WELIVESECURITY.COM
📡 INFOSEC NEWS 2[−]
16 JanYour 100 Billion Parameter Behemoth is a LiabilityThe "bigger is better" era of AI is hitting a wall. We are in an LLM bubble, characterized by ruinous inference costs and diminishing returns. The future belongs to Agentic AI powered by specialized Small Language Models (SLMs). Think of it as a shift from hiring a single expensi…TRENDMICRO.COM
16 JanAstro is joining CloudflareThe Astro Technology Company team — the creators of the Astro web framework — is joining Cloudflare. We’re doubling down on making Astro the best framework for content-driven websites, today and in the years to come.CLOUDFLARE.COM