Critical Vulnerabilities Added to CISA’s Known Exploited List

Author

Taylor Hawes
January 28, 2026

From the Editor’s Desk

In the past week, we’ve seen that even trusted cyber agencies must guard their own systems as threats expand and vulnerabilities accumulate. This highlights the simple but urgent truth: no organization is too prepared to skip basic patching and vigilance.

🔎 Deep Brief

Critical Vulnerabilities Added to CISA’s Known Exploited List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added six more vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These flaws span widely used systems, including a critical out-of-bounds write issue in VMware vCenter Server and authentication bypass problems in SmarterTools’ SmarterMail software. One of the newly listed issues is a Microsoft Office security feature bypass, while another allows local privilege escalation on older Linux kernels. The inclusion of these vulnerabilities in the KEV Catalog means there’s evidence they are already being used in real-world attacks, increasing urgency for organisations to patch promptly. CISA’s catalog serves as a guide for prioritising remediation, especially for high-severity flaws that could let attackers achieve remote code execution or escalate privileges on corporate networks. 

Takeaway

Organizations must treat KEV Catalog additions as actionable priorities — delaying updates invites attackers to exploit known weaknesses.

🧠 Strategy in Action

Drone and Cyber Threat Planning for Milano-Cortina Olympics

As the 2026 Winter Olympics approach, U.S. security teams are intensifying preparations for both physical and digital threats. Outdoor venues in the Italian mountains present unique challenges for drone control and monitoring. U.S. specialists have worked with Italian law enforcement to enforce no-drone zones, deploy anti-drone systems, and share real-time threat data.

This preparedness covers not just inadvertent or nuisance drone flights, but also scenarios where small unmanned aerial vehicles could be used maliciously. Beyond aerial threats, planners are focused on safeguarding Olympic payment systems, ticketing platforms, and communications infrastructure from cyber incidents and opportunistic crime. The collaborative interagency effort involves the FBI, Department of Homeland Security, Department of Defense, and other partners, reflecting a holistic approach to major event security. 

Takeaways: 

This case highlights how layered threat planning, physical and digital, can mitigate risks at global events.

🕵️ Threat Actor Spotlight

APT30

APT30 is a longstanding cyber espionage group with suspected ties to the Chinese government. The group is known for spearphishing campaigns using malicious attachments to gain initial access to targeted networks. Historically, its operations have focused on long-term data theft against government and intelligence targets. APT30’s technique set, such as targeted phishing and user-execution reliance, reflects a strategic focus on human vectors rather than broad automated exploitation.

🛠️ Tool Check

MariaDB Monitoring Tools Comparison

MariaDB is an open-source database system used for web applications, data services, and enterprise systems. Effective monitoring helps detect performance bottlenecks, resource constraints, and anomalous activity that may indicate security issues. 

Here is a comparison of the best tools for MariaDB monitoring.

  • ManageEngine Applications Manager offers comprehensive monitoring across systems and DBMSs, making it a strong choice for enterprises.

  • Site24x7 provides cloud-based full-stack observability with MariaDB support. 

  • Datadog Infrastructure combines performance metrics with integrations for broader system visibility. 

  • Sematext delivers real-time alerts across logs and metrics. 

Each tool tracks performance, query activity, and resource usage so teams can catch issues before they affect applications. Choosing the right monitor depends on scale, budget, and whether on-premises or cloud databases are in use - but all help improve uptime and security posture.

🗣️ Community Signal

Most people only see cybersecurity when something goes wrong—a breach, a headline, a moment of panic. But the real work, the work that protects families, leaders, and organizations, happens quietly long before danger arrives. Cyber risks don’t announce themselves. They move silently, waiting for a moment of weakness. That’s why cybersecurity must be clear, human, and accessible to everyone—not just experts. Cedrick Randolph CISA Certified Cybersecurity Expert.

📚 Don’t Miss This

Advertise with Comparitech
Does your business offer services or products in cybersecurity? Get your product seen by IT leaders and professionals.

Advertise with us →

Until Friday’s edition - Let’s keep that zero-day count at zero!