Posts

Massive Credential Leak Over a Million Online Accounts!

A massive credential leak has exposed over 149 million online accounts—including Gmail, Netflix, Yahoo, X, and many others—after an unprotected 96 GB database of stolen usernames and passwords was discovered online. The data, harvested by infostealer malware from infected personal devices, includes tens of millions of email, social media, entertainment, financial, and even government-linked accounts, posing severe risks of account takeover, fraud, and identity theft.

A publicly accessible, unencrypted database containing 149,404,754 unique login credentials was discovered by cybersecurity researcher Jeremiah Fowler. The data was not a breach of Gmail, Netflix, or other platforms directly—instead, it came from infostealer malware infecting users’ devices and silently uploading stolen credentials. The exposed dataset was 96 GB and remained online for about a month before being taken down.

Affected Platforms

Why This Leak Is Especially Dangerous

Credentials include logi...

Fortinet - FortiCloud CVE‑2026‑24858 – What You Need to Know for Patching

CVE‑2026‑24858 is a critical Fortinet vulnerability (CVSS 9.4–9.8) involving FortiCloud SSO authentication bypass, allowing attackers with a FortiCloud account to log into devices belonging to other customers if FortiCloud SSO is enabled. This flaw affects FortiOS, FortiManager, FortiAnalyzer, and potentially FortiWeb and FortiSwitch Manager. Attackers have been actively exploiting this vulnerability in the wild, creating rogue admin accounts, modifying firewall configs, enabling VPN access, and exfiltrating configuration files. CISA has added CVE‑2026‑24858 to the Known Exploited Vulnerabilities (KEV) catalog and requires patching by federal agencies by Jan 30 or Feb 17, 2026, depending on advisory.

Are Patches Available?

Yes—patches have been released for major product lines, but some versions still show “upcoming” in Fortinet’s advisory.

Released fixed versions (confirmed):

FortiOS: 7.4.11 released. Future fixes: 7.6.6, 7.2.13, 7.0.19 (upcoming)
FortiManager: Fi...

Microsoft Gave BitLocker Keys to the FBI!

Short answer: Yes — in one specific, legally compelled case — Microsoft provided BitLocker recovery keys to the FBI because the user had stored those keys in Microsoft’s cloud, and a valid search warrant required Microsoft to hand them over. This is the first publicly known instance of such a disclosure. Below is what the evidence shows:

What actually happened

Multiple independent reports confirm the same core facts:

• The FBI, during a fraud investigation in Guam, obtained a warrant for three BitLocker‑encrypted laptops. Microsoft had the recovery keys because they had been backed up to the user’s Microsoft account, which is the default on many Windows 11 systems.
• Microsoft complied with the warrant and gave investigators the keys, allowing them to unlock the drives.
• Microsoft says it receives around 20 requests per year for BitLocker recovery keys, but cannot fulfill most of them because the keys often are not uploaded to the cloud.
• This Guam case is the first publicly...

Telnet Servers Exposed!

Security researchers have recently identified around 800,000 Telnet servers exposed to the internet, many of them running vulnerable versions of GNU InetUtils telnetd. This exposure is dangerous because a critical authentication bypass vulnerability (CVE‑2026‑24061) allows attackers to log in as root without a password.

• Nearly 800,000 IPs show Telnet fingerprints worldwide. [techradar.com]
• The flaw affects GNU InetUtils 1.9.3 through 2.7 and is fixed in version 2.8. [bleepingcomputer.com]
• Attackers can exploit it simply by injecting USER=-f root during connection, which forces a root login. [csoonline.com]
• Exploitation began within 24 hours of patch release. GreyNoise observed 60 malicious sessions from 18 IPs, targeting root accounts in 83% of attempts. [techradar.com]

Why exposed Telnet is dangerous

Using Telnet today is unsafe for two main reasons:

1. Telnet transmits everything in plaintext
Credentials and session data can be easily captured by anyone sniffing netw...

Microsoft 365 Service Disruption

Microsoft 365 Service Disruption – Staff Advisory

We are currently experiencing a Microsoft 365 service disruption affecting multiple cloud workloads. This issue is external to our environment and is impacting customers nationwide.

What’s Affected

• SharePoint Online – intermittent access issues (widely reported)
• General Microsoft 365 connectivity – degraded performance across multiple regions
• Possible impact to: Exchange Online (email access or delays), Teams (sign‑in or call drops), OneDrive/SharePoint file access, Admin portal availability

What You May See

• Slow loading or timeouts when opening Microsoft 365 apps
• Difficulty accessing shared files or sites
• Authentication delays when signing into cloud services

What You Should Do

• Continue working locally where possible
• If an app fails to load, wait a few minutes and retry
• Avoid repeated sign‑in attempts, which may worsen delays

Our Status

We are monitoring Microsoft’s service health dashboard and will pr...

Windows Server Update Hardening for Jan. 13 Update

Microsoft is hardening a Windows Server component. The focus is on Windows Deployment Services (WDS), which supports “hands-free deployment” using an Unattend.xml (answer file) for automated installations. A vulnerability (CVE-2026-0386) was discovered that could allow attackers to intercept this file over insecure channels, leading to remote code execution (RCE) and credential theft.

Key Points:

• The Patch Tuesday update (KB5074109) introduced the first phase of changes on January 13, 2026.
• Microsoft will phase out hands-free deployment over insecure connections: it is currently still supported but discouraged, and IT admins can disable it via registry keys now.
• By April 2026, hands-free deployment will be blocked by default unless explicitly re-enabled. Microsoft warns that re-enabling this feature after April will be considered insecure.
• Additional event logs are being added to help admins monitor deployment configurations.
• Despite the active vulnerability, Microsoft is not immedia...

FortiOS and FortiSwitch Manager Vulnerability

CVE‑2025‑25249 — Heap‑Based Buffer Overflow (High Severity)

The flaw exists in the cw_acd daemon, which handles certain network communications in FortiOS and FortiSwitchManager. A heap-based buffer overflow occurs when the daemon improperly manages memory and writes beyond allocated bounds. By sending specially crafted packets, a remote attacker can corrupt memory and potentially execute arbitrary code or commands.

Why It’s Dangerous

• No authentication required — the attacker does not need credentials.
• Network‑reachable — can be triggered if the vulnerable service is exposed to untrusted networks (e.g., WAN, misconfigured management interfaces).
• High impact — successful exploitation allows running arbitrary commands, modifying configurations, intercepting traffic, and installing persistence mechanisms.

Affected Products & Versions

According to the advisory, the following versions are vulnerable:

FortiOS 7.6.0 – 7.6.3, 7.4.0 – 7.4.8, 7.2.0 – 7.2.11, 7.0.0 – 7....