incident Archives

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

Winsage

January 16, 2026

Windows Remote Assistance Vulnerability Allow Attacker to Bypass Security Features

Critical security updates have been released to address CVE-2026-20824, a vulnerability in Windows Remote Assistance that allows attackers to bypass the Mark of the Web (MOTW) defense system. This affects various Windows platforms, including Windows 10 and Windows Server 2025, and is rated with an Important severity level. The flaw enables unauthorized local attackers to circumvent MOTW defenses, posing risks to confidentiality. The vulnerability requires local access and user interaction for exploitation, often using social engineering tactics. Microsoft has issued security updates for 29 Windows configurations, including specific KB articles for affected versions of Windows 10, Windows 11, and Windows Server. Users are advised to apply the necessary patches, which are classified as “Required” customer actions. The vulnerability remains unexploited in the wild and was not publicly disclosed before the patches were released. Microsoft’s assessment categorizes it as “Exploitation Less Likely.”

Winsage

January 14, 2026

U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Windows vulnerability, CVE-2026-20805, to its Known Exploited Vulnerabilities (KEV) catalog, with a CVSS score of 8.7. This vulnerability, part of the January 2026 Patch Tuesday updates, affects the Windows Desktop Window Manager and allows attackers to leak memory information, potentially aiding in further exploits. Federal Civilian Executive Branch agencies must address this vulnerability by February 3, 2026, as mandated by Binding Operational Directive 22-01.

AppWizard

January 11, 2026

Minecraft Bedrock Realms users report widespread loading and connection issues: What we know so far

Minecraft Bedrock Realms experienced a service disruption on Saturday, preventing many players from accessing their worlds for several hours. Complaints surged around 12 PM EDT, peaking at over 4,000 reports of issues primarily related to server connectivity. Data indicated that 93% of affected users in the United States faced server connection failures, while 5% reported issues launching the game and 2% had login problems. Major cities impacted included Los Angeles, Houston, Tampa, Chicago, and Minneapolis. Neither Mojang nor Microsoft provided a public explanation for the incident, leaving the duration of the disruption uncertain.

AppWizard

January 11, 2026

Is Minecraft still down? Players report widespread outage

Minecraft Realms experienced a significant outage on January 10, 2026, affecting both Bedrock and Java Edition users. The disruption began around noon Eastern Daylight Time, with over 4,000 players reporting issues accessing paid Realms servers. Users were unable to load their worlds or connect to multiplayer servers for extended periods. The community expressed frustration over the lack of communication from Mojang regarding the outage, with players highlighting the disappointment of being unable to access a paid service.

Winsage

January 9, 2026

Nothing to declare at border control except a Windows 7 certificate error

A glitch in the border control wait-time display at Birmingham Airport showed a security certificate error, leaving passengers unaware of their wait times. The display is running on Windows 7, which reached its end of life in 2020, and the error message resembles outdated technology from Windows Vista. Despite this, a traveler reported a quick passage through border control, taking only ten minutes. The ongoing certificate issue raises concerns about the reliability of the information provided to passengers.

AppWizard

January 9, 2026

Religious statue is mocked for ‘looking like something from Minecraft’

A 100-foot statue of Jude the Apostle has been unveiled in Esperanza, Puebla State, Mexico, but has faced mockery for its design, which some compare to video game aesthetics. The statue features the saint's traditional green and white attire, with plans to add a wooden staff. Construction began in 2024 but was delayed due to weather and ecological concerns, and it was inaugurated last week. Local authorities hope it will attract pilgrims during Saint Jude Thaddeus's feast day celebrations. The backlash parallels a previous controversy in Seville regarding the restoration of a Virgin Mary statue, which led to protests and adjustments after criticism of its altered appearance.

Winsage

January 8, 2026

Microsoft’s Windows 11 AI Integration Draws Backlash on Performance, Privacy Woes

Microsoft's integration of artificial intelligence into Windows 11 has led to significant user dissatisfaction, with reports of sluggish performance, software bloating, and increased hardware strain. Users have experienced issues such as longer boot times, higher memory usage, and frequent glitches, particularly with features like Copilot, which disrupt multitasking. Outage trackers indicate surges in complaints about Microsoft Copilot, highlighting reliability issues. Concerns have also been raised about AI agents exhibiting hallucinations and security vulnerabilities, with users reporting risks of data leaks. Microsoft's claim that 30% of new Windows code is AI-generated has been met with skepticism due to persistent bugs. Hardware partners, such as Dell, have noted consumer disinterest in AI PCs, reflecting broader market hesitance. Privacy concerns have emerged regarding AI scanning user data, and internal reliance on AI for coding has led to notable errors. Security experts warn that deep AI integration could introduce new attack vectors. User feedback mechanisms have been criticized for slow responses, and there is a general call for AI tools that enhance rather than hinder user experience. Microsoft has adjusted its internal goals due to low demand for AI products, signaling a potential shift towards more user-centric updates.

Winsage

January 7, 2026

Hackers Use Fake Windows BSOD To Spread Malware

Security researchers have identified a social engineering campaign that mimics the Windows Blue Screen of Death (BSOD) to deceive users into installing a remote access Trojan (RAT). The campaign, named PHALT#BLYX, begins with phishing emails that appear to be legitimate cancellation notices from travel websites, leading victims to a fake login page and an interactive CAPTCHA. This culminates in a full-screen imitation of the BSOD, prompting users to follow instructions that ultimately allow attackers to gain control of their computers. The attackers use a “ClickFix” process that involves executing commands through native Windows tools like PowerShell and MSBuild, making detection more challenging. The malware delivered is an obfuscated version of DCRat, which provides attackers with remote control capabilities, keylogging, and the ability to download additional malware. The campaign primarily targets hotels and hospitality businesses in Europe, exploiting the urgency of front-desk staff to respond to apparent technical issues. Indicators of a fake BSOD include the ability to interact with the screen, requests to execute commands via Windows tools, and the presence of CAPTCHA prompts. Organizations are advised to train employees, implement application control, enhance email and web defenses, and prepare for incident response to mitigate risks associated with such attacks.

AppWizard

January 5, 2026

Rainbow Six Siege X seemingly compromised again as players hit with brain rot-inspired 67-day ‘bans’

Ubisoft's Rainbow Six Siege X has experienced multiple security breaches, leading to the game being taken offline, a server rollback, and a temporary marketplace shutdown. Following a significant hack that flooded players with in-game currency, a subsequent incident involved players receiving false notifications of in-game bans for harassment, with absurd durations like 67 days. Players also encountered modified messages mimicking standard reporting notifications. The official server status page indicates ongoing authentication and matchmaking outages, with connectivity marked as 'degraded.' Ubisoft has not yet provided a detailed response to these hacking attempts.