Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities
January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity advisories exposing critical flaws across SAP, Microsoft, and Atlassian, the very platforms that run finance systems, identity layers, developer pipelines, and collaboration tools inside most enterprises. These weren’t theoretical bugs. One Windows vulnerability was already being exploited in the wild. While others enabled remote code execution, privilege escalation, data theft, and full system takeover. If your organization runs SAP S/4HANA, Windows, Azure, Jira, Confluence, or Bitbucket, this wasn’t a patch cycle you could afford to ignore. This article breaks down what was affected, how attackers could abuse these flaws, and exactly what security teams must do to stay ahead before these vulnerabilities turn into breaches.
Source: Security Boulevard

Hackers Targeting Cisco Unified CM Zero-Day
Cisco on Wednesday announced patches for yet another zero-day vulnerability targeted by threat actors. The flaw, tracked as CVE-2026-20045 and classified as critical, affects several of Cisco’s unified communications products, including Cisco Unified Communications Manager (CM) and its Session Management Edition (SME), Unified CM IM & Presence Service, Unity Connection, and Webex Calling Dedicated Instance. According to Cisco, a remote, unauthenticated attacker can exploit CVE-2026-20045 to execute malicious commands on the underlying OS of the device.
Source: SecurityWeek

Fortinet Admits FortiGate SSO Bug Still Exploitable despite December Patch
Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices supposedly fully up to date. In a new advisory, Fortinet said it had identified a fresh attack path being used to abuse SAML-based SSO in FortiOS, even on systems that had already applied the vendor’s earlier fix. The disclosure follows reports earlier this week that FortiGate firewalls were quietly reconfigured via compromised SSO accounts, with attackers altering firewall settings, creating backdoor admin users, and exfiltrating configuration files.
Source: The Register

Nova Ransomware Claims Breach of KPMG Netherlands
KPMG Netherlands has allegedly become the latest target of the Nova ransomware group, following claims that sensitive data was accessed and exfiltrated. The incident was reported by ransomware monitoring services on 23 January 2026, with attackers claiming the breach occurred on the same day. Nova has reportedly issued a ten-day deadline for contact and ransom negotiations, a tactic commonly used by ransomware groups to pressure large organisations. The group has established a reputation for targeting professional services firms and financial sector entities that manage high-value and confidential client information.
Source: Dig.watch

Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms
Vulnerabilities discovered by researchers in Dormakaba physical access control systems could have allowed hackers to remotely open doors at major organizations. The security holes were discovered by experts at SEC Consult, a cybersecurity consulting firm under Atos-owned Eviden, in Dormakaba’s Exos central management software, a hardware access manager, and registration units that enable entry via a keypad, fingerprint reader, or chip card. Several types of vulnerabilities were identified, including hardcoded credentials and encryption keys, weak passwords, lack of authentication, insecure password generation, local privilege escalation, data exposure, path traversal, and command injection issues.
Source: SecurityWeek