
Daily Security Briefing #143
- DjediTech
- Security, Newsletter
- January 23, 2026
Oracle E-Business Suite RCE, Fortinet FortiCloud SSO bypass exploits, CISA adds critical vulnerabilities to KEV catalog…
Executive Summary
Today’s cybersecurity landscape highlights rising risks from sophisticated exploits and vulnerabilities actively targeted by threat actors. Fortinet has confirmed ongoing exploitation of critical FortiCloud single sign-on bypass vulnerabilities, affecting fully patched devices and raising concerns over enterprise security. Meanwhile, CISA has added four newly exploited enterprise software flaws to its Known Exploited Vulnerabilities catalog, signaling urgent patching needs. Advances in AI also illustrate increased autonomous offensive capabilities, challenging defenders to uphold fundamental security principles. Additionally, emerging malware campaigns targeting macOS and developer environments underscore the evolving threat vectors beyond traditional systems.
Top Articles
Metasploit Wrap-Up 01/23/2026
Rapid7’s latest Metasploit update introduces a module to exploit CVE-2025-61882, a remote code execution vulnerability in Oracle E-Business Suite versions 12.2.3 through 12.2.14. The exploit chains multiple flaws including SSRF, HTTP request smuggling, and XSLT injection to execute arbitrary commands pre-authentication, significantly increasing attack risks to affected enterprise applications.
Rapid7
Fortinet Confirms Active Exploitation of FortiCloud SSO Bypass Vulnerabilities
Fortinet disclosed that threat actors are actively exploiting two critical FortiCloud SSO authentication bypass vulnerabilities (CVE-2025-59718 & CVE-2025-59719) in multiple security appliances. These flaws allow unauthorized administrative access, even on fully patched FortiGate firewalls, posing serious risks for organizations relying on Fortinet’s infrastructure. The company is working on comprehensive mitigations amid ongoing exploitation reports.
GBHackers | CyberPress | The Hacker News
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities catalog to include four critical software flaws exploited in the wild. These vulnerabilities impact enterprise products, including those from Versa and Zimbra, the Vite frontend tooling, and the Prettier code formatter, spanning attack surfaces from development frameworks to email platforms. Urgent remediation is advised to mitigate ongoing exploitation.
CyberPress | BleepingComputer | The Hacker News
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
Anthropic’s recent evaluation reveals modern AI models such as Claude now perform multistage cyberattacks autonomously on networks using standard open-source tools. This advances AI’s role in offense, lowering barriers for cyber workflows and underscoring the need for fundamental security controls to defend against increasingly capable automated attacks.
Schneier on Security
MacSync macOS Infostealer Exploits ClickFix-style Attack to Trick Users
A new MacSync malware campaign targets macOS users, distributing credential-stealing trojans through deceptive ClickFix-style social engineering and phishing redirects. The attack impersonates Microsoft login pages and compromises cryptocurrency hardware wallets, leveraging Malware-as-a-Service to maintain persistent access. This highlights evolving Mac-targeted threats exploiting user trust.
GBHackers
Malicious AI Extensions in VSCode Marketplace Steal Developer Data
Two malicious Visual Studio Code extensions, installed over 1.5 million times, were discovered exfiltrating sensitive developer information to China-based servers. This incident demonstrates growing risks within developer toolchains and marketplace ecosystems, emphasizing the need for scrutinizing third-party code components.
BleepingComputer
Building Cyber Readiness Early: Why Youth Education Is a Security Imperative
A Check Point blog highlights the critical need to integrate cybersecurity education for youth. Early training addresses talent pipeline gaps and mitigates threats targeting schools, hospitals, and small businesses alike. Proactive education is emphasized as foundational to national and organizational cybersecurity strategies moving forward.
Check Point
AI Transparency: This newsletter uses AI to curate, rank, and summarize cybersecurity content from leading industry blogs. All articles link directly to original authors. Executive summaries are AI-generated based on article content. I curate the sources and deliver the digest—the original authors deserve the credit for their excellent work.