infrastructure Archives

Tech Optimizer

January 17, 2026

ClickHouse: $400 Million Series D Raised, Langfuse Acquisition, And Native Postgres Service Debuted

ClickHouse has secured 0 million in a Series D funding round led by Dragoneer Investment Group, with participation from investors such as Bessemer Venture Partners, GIC, and others. The funding will support global expansion and product development, focusing on AI infrastructure and application monitoring. ClickHouse currently has over 3,000 customers on its ClickHouse Cloud platform, with an annual recurring revenue growth exceeding 250% year over year. Recent adopters include Capital One, Lovable, and Airwallex, alongside established clients like Meta and Tesla. ClickHouse has acquired Langfuse, an open-source platform for LLM observability, and introduced a native Postgres service for integrating transactional workloads with its analytical engine. The company is also expanding its ecosystem and geographic reach through partnerships, including one with Japan Cloud and collaboration with Microsoft Azure.

Winsage

January 16, 2026

Easterly helms RSAC, Windows update problems, Police Copilot gaffe

Jen Easterly has been appointed as the new Chief Executive Officer of the RSA Conference. She is a cybersecurity expert and former Director of the Cybersecurity and Infrastructure Security Agency (CISA). Palo Alto Networks has released security updates for a vulnerability (CVE-2026-0227) with a CVSS score of 7.7 affecting its GlobalProtect Gateway and Portal, which can cause a denial-of-service condition in PAN-OS software. The January 2026 security update from Microsoft has caused connection and authentication failures in Azure Virtual Desktop and Windows 365, affecting users across various Windows versions. Microsoft is working on a resolution. The chief constable of West Midlands Police acknowledged an error by Microsoft’s Copilot AI in generating a fictional intelligence report. Microsoft has not confirmed Copilot's involvement. Britain’s National Cyber Security Centre (NCSC) has collaborated with Five Eyes partners to provide guidance on securing industrial operational technology, highlighting risks associated with remotely monitored systems. Kyowon, a South Korean conglomerate, confirmed a ransomware attack on January 10 that may have compromised customer information, affecting approximately 5.5 million members. Researchers at Varonis have identified a new attack technique called "Reprompt" that allows data exfiltration from Microsoft Copilot via a malicious link, exploiting a Parameter 2 Prompt (P2P) injection technique. Central Maine Healthcare is notifying over 145,000 patients about a data breach that compromised personal, treatment, and health insurance information, discovered on June 1.

AppWizard

January 16, 2026

Your Android App Needs Scanning – Best Android App Vulnerability Scanner in 2026

The past year saw a 45% increase in new vulnerabilities targeting Android. By the end of 2024, there are projected to be 2.87 million apps on Google Play, with 66% of American employees using personal smartphones for work. Mobile applications are responsible for 70% of digital interactions, and vulnerabilities in these apps contributed to approximately 40% of data breaches involving personal data in 2023. Effective Android App Vulnerability Scanners analyze app security by identifying insecure local storage, hardcoded credentials, weak cryptography, insecure network configurations, broken authentication flows, and misconfigured components. AI-powered scanners, like AutoSecT, can autonomously generate new scanning protocols quickly, detect zero-day vulnerabilities, automate penetration testing, and operate with near-zero false positives.

Winsage

January 16, 2026

Microsoft Ends Windows Server 2008 Support on January 13, 2026

Microsoft has officially ceased all support for Windows Server 2008 as of January 13, 2026, including paid extended security updates. This end-of-life scenario poses significant security risks for organizations still using the outdated operating system, making them vulnerable to cyberattacks. The transition away from Windows Server 2008 requires careful planning, as many organizations face challenges in migrating legacy applications to modern systems. The lack of ongoing patches means that any new vulnerabilities will remain unaddressed, potentially leading to data breaches and compliance failures, particularly in regulated sectors like healthcare and finance. Microsoft has encouraged migration to Azure, offering incentives for early adopters, but the transition can be complex and costly. The end of support also affects global supply chains and compatibility with newer software applications. Organizations are advised to conduct audits of their software portfolios and consider hybrid environments to enhance flexibility and security.

Winsage

January 15, 2026

Windows Server 2008 is finally gone, after Microsoft pulls support at last

Microsoft concluded all support for Windows Vista and Server 2008 as of January 13, 2026. Most customers lost support in January 2020, but Extended Security Updates were available until January 2023 for most users and until January 2024 for Azure customers. Free security updates, non-security updates, and support options are no longer accessible for the retired codebase. Organizations are encouraged to migrate to Azure for additional security updates. Windows Server 2012 will also reach the end of its ESU on October 13, 2026.

Winsage

January 15, 2026

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

Microsoft and the U.S. government have issued a warning about a vulnerability in Windows, designated CVE-2026-20805, which is currently being exploited. This flaw allows an authorized attacker to leak a memory address from a remote ALPC port, potentially leading to arbitrary code execution. It has a medium severity rating of 5.5 on the CVSS scale. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog and requires federal agencies to implement a patch by February 3. Additionally, two other vulnerabilities were acknowledged: CVE-2026-21265, a secure boot certificate expiration bypass with a CVSS rating of 6.4, and CVE-2023-31096, an elevation of privilege flaw affecting third-party Agere Modem drivers, rated at 7.8. Two more vulnerabilities, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7.4), are use-after-free flaws in Office that could allow unauthorized code execution.

Winsage

January 14, 2026

U.S. CISA adds a flaw in Microsoft Windows to its Known Exploited Vulnerabilities catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Windows vulnerability, CVE-2026-20805, to its Known Exploited Vulnerabilities (KEV) catalog, with a CVSS score of 8.7. This vulnerability, part of the January 2026 Patch Tuesday updates, affects the Windows Desktop Window Manager and allows attackers to leak memory information, potentially aiding in further exploits. Federal Civilian Executive Branch agencies must address this vulnerability by February 3, 2026, as mandated by Binding Operational Directive 22-01.

Winsage

January 14, 2026

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

On Tuesday, Microsoft released its first security update for 2026, addressing 114 vulnerabilities, including eight classified as Critical and 106 as Important. The vulnerabilities include 58 related to privilege escalation, 22 concerning information disclosure, 21 linked to remote code execution, and five categorized as spoofing flaws. A notable vulnerability, CVE-2026-20805, involves information disclosure within the Desktop Window Manager (DWM) and has a CVSS score of 5.5. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to implement fixes by February 3, 2026. Additionally, Microsoft announced the expiration of three Windows Secure Boot certificates issued in 2011, effective June 2026, urging customers to transition to newer certificates to avoid disruptions. The update also removed vulnerable Agere Soft Modem drivers due to a local privilege escalation flaw (CVE-2023-31096) and addressed another critical privilege escalation flaw in Windows Virtualization-Based Security (CVE-2026-20876) with a CVSS score of 6.7. Other vendors, including Adobe, Amazon Web Services, and Cisco, have also released security patches for various vulnerabilities.

AppWizard

January 14, 2026

Hytale surges to the most-watched game on Twitch, attracting over 420,000 viewers with its long-awaited launch

Hytale has officially entered early access after a decade of development challenges. The game's announcement trailer from 2018 has received 62 million views. On launch day, Hytale became the most-watched game on Twitch with over 420,000 viewers. Players are encountering challenges with wildlife, particularly bears. Hytale has secured funding for two years of early access development, and expectations are high for over one million players on launch day. There has been a significant spike in global search interest for Hytale on Google Trends. Initial technical issues have arisen, and the development team is working on a hotfix to address bugs and account verification delays due to high demand.

TrendTechie

January 13, 2026

Tilburg University: что метаданные торрентов могут рассказать специалистам по кибербезопасности?

Cybersecurity specialists often encounter torrent traffic during investigations into corporate policy violations and criminal activities. A study proposes that torrent metadata can serve as a source of open-source intelligence, focusing on the valuable information that can be extracted from publicly available torrent metadata. Torrent files contain descriptive information such as file names, tracker addresses, cryptographic hashes, and various metadata fields. Trackers provide lists of peers connected to specific files, revealing IP addresses and ports, which can be used for security analysis. The research collected metadata from The Pirate Bay and public UDP trackers across 206 popular torrent resources, resulting in a dataset of over 60,000 unique IP addresses. These addresses were enriched with data on geolocation, internet service providers, autonomous systems, and indicators of VPN or hosting infrastructure usage. A specific analysis phase labeled IP addresses linked to child sexual exploitation materials using an external monitoring database, without direct interaction with illegal content. Co-author Giuseppe Cascavilla noted that the choice of UDP trackers was intentional, allowing for testing the analysis concept while limiting observation completeness. He suggested that expanding the methodology to include large-scale data collection from DHT networks could improve coverage and identify users avoiding centralized trackers, potentially revealing correlations between anonymization and riskier behavior. The findings are presented as a conservative snapshot of activity observable through open tracking mechanisms.