CVE-2026-20805 is a vulnerability tracked across 15 threat clusters and 35 intelligence report mentions on ThreatCluster. First observed January 13, 2026; most recent activity February 18, 2026.
A Chinese state-backed hacking group, UNC6201, has been exploiting a critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines since at least mid-2024. The flaw, tracked as CVE-2026-22769, features a…
In January 2026, Microsoft released its largest Patch Tuesday update in four years, addressing 113 vulnerabilities across Windows, Office, and other products. Among these was a critical zero-day vulnerability,…
On January 7, 2026, a patch was released for CVE-2026-21858, a maximum severity vulnerability affecting n8n, a workflow automation application. This vulnerability could potentially allow unauthorized access and…
On February 10, 2026, Microsoft released a security update addressing 59 vulnerabilities, including six zero-day flaws that were actively exploited prior to the patch. The vulnerabilities affect various Microsoft…
On January 13, 2026, Microsoft released a patch for a critical zero-day vulnerability in its Desktop Window Manager (DWM), tracked as CVE-2026-20805, which allowed local attackers to expose sensitive user-mode memory.…
Zscaler has implemented protective measures against nine vulnerabilities identified in the January 2026 Microsoft security bulletins. The company is collaborating with Microsoft through the MAPP program and will…
The Sophos State of Ransomware in Enterprise 2025 report reveals that ransomware recovery costs for enterprises have exceeded $2 million, highlighting the ongoing challenge organizations face with this pervasive threat.…
Microsoft released an out-of-band update to address credential authentication failures impacting Azure Virtual Desktop and Windows 365 connections. These issues arose following the January 2026 security update and are…
Microsoft's January 2026 updates have led to significant access issues for users of Windows 365 and RemoteApp connections. Customers reported credential prompt failures and sign-in issues with their Cloud PC sessions…
The US Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerability CVE-2026-20805 to its Known Exploited Vulnerabilities (KEV) catalogue. This vulnerability affects the Desktop Windows Manager and…