InfoSec News 15JAN2026

General

• Microsoft finally gets around to patching its SQLite3 DLL (WinSqlite3.dll), patched upstream in June 2025 (3.50.2).
  • https://www.bleepingcomputer.com/news/microsoft/microsoft-updates-windows-dll-that-triggered-security-alerts/
  • https://www.sqlite.org/cves.html
• Microsoft agrees to pay for the electricity and water its data-centres use, and even pay their fair share of tax. How magnanimous!

“we’ll ask utilities and public commissions to set our rates high enough to cover the electricity costs for our datacenters”

“we’ll pay our full and fair share of local property taxes”

"Especially when tech companies are so profitable, it's both unfair and politically unrealistic for our industry to ask the public to shoulder added electricity costs for AI," Microsoft vice chair and president Brad Smith said in a statement.

• https://blogs.microsoft.com/on-the-issues/2026/01/13/community-first-ai-infrastructure/
• https://www.itnews.com.au/news/microsoft-rolls-out-initiative-to-limit-data-centre-power-costs-622947
• https://arstechnica.com/ai/2026/01/microsoft-vows-to-cover-full-power-costs-for-energy-hungry-ai-data-centers/
• Apple may soon support RCS Universal Profile 3.0, bringing End-to-End-Encryption (E2EE) – in a standardised way – to Rich Communications Services (RCS). RCS is designed as a ‘modern’ (first released in 2008) alternative to SMS. Google is also testing support for the standardised encryption – their current implementation is based on Signal.
  • https://www.itnews.com.au/news/apple-preps-e2ee-rcs-messaging-in-latest-ios-beta-622955
• Turns out crypto-currency isn’t just good for obtaining ransomware payments, and funding the North Korean regime…it’s also useful for protecting ransomware communications. Deadlock ransomware using it to store an easily-rotated front-end proxy URL.
  • https://www.theregister.com/2026/01/14/deadlock_ransomware_smart_contracts/
• Meta continues to back away from the metaverse. After spending massive amounts on ‘the next big thing’, it’s gone nowhere, and Meta appears to be changing focus.
  • https://techcrunch.com/2026/01/14/meta-to-reportedly-lay-off-10-of-reality-labs-staff/
• [US] California is the latest to open investigations into xAI’s Grok and the generation of illegal images.
  • https://therecord.media/california-grok-deepfakes-investigation
  • https://arstechnica.com/tech-policy/2026/01/musk-still-defending-groks-partial-nudes-as-california-ag-opens-probe/

Getting Techy

• Diving into the quality defensive coding from Fortinet, with their FortiSIEM. Horizon3 write up an unauthenticated remote-code-execution (RCE) as root, they discovered and reported last year.
  • https://horizon3.ai/attack-research/disclosures/cve-2025-64155-three-years-of-remotely-rooting-the-fortinet-fortisiem/
  • https://www.bleepingcomputer.com/news/security/exploit-code-public-for-critical-fortisiem-command-injection-flaw/
• Coming soon to a Chinese APT near you – VoidLink malware for Linux. LOL at the credential-harvesting  module name - “mimipenguin”.
  • https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/
  • (Less techy) https://blog.checkpoint.com/research/voidlink-the-cloud-native-malware-framework-weaponizing-linux-infrastructure/
  • (Less techy) https://www.theregister.com/2026/01/14/voidlink_linux_malware/

(Less techy) https://arstechnica.com/security/2026/01/never-before-seen-linux-malware-is-far-more-advanced-than-typical/

Geo-Politics

• [PL] Poland blames Russia for attempting to blackout the electricity grid in the cold of December.

“Everything indicates that we are dealing with Russian sabotage—because it has to be called by its name—which was intended to destabilize the situation in Poland.

“It was the largest attack on energy infrastructure in years with a clear goal: to cause a blackout,”

• https://therecord.media/poland-cyberattack-grid-russia
• (TVP World) https://archive.md/Z0Qnh
• [UG] Uganda’s following a common script – Internet and mobile phone services have been shutdown “indefinitely” ahead of elections. The current president is in an unstable position, having remained in power since 1986, through highly questionable means.
  • https://therecord.media/uganda-internet-shutdown-elections

Privacy

• [US] California Privacy Protection Agency (CPPA) has appointed a new board member, with strong privacy credentials – “Ozer served as founding director of the Technology and Civil Liberties Program at the ACLU of Northern California”, and “currently serves as the inaugural executive director for the Centre for Constitutional Democracy at UC Law San Francisco”. The CPPA is known to set some of the strongest privacy protections in the US.
  • https://therecord.media/ccpa-appoints-new-board-member

AI

• Moxie Marlinspike – of Signal fame – has created a new project ‘Confer’. Confer aims to provide private access to LLM’s running in the cloud. It uses Passkeys for authentication and Trusted Execution Environment (TEE) to run the Large Language Models (via vLLM). Of particular note is the way it provides an encrypted session to the, using keys deterministically derived from the Passkey. This solves the key-management problem – Confer never sees the key, standard tooling synchronises the Passkey (however the user chooses to do so – e.g. Cloud Keychain, or a physical key such as YubiKey – select whatever fits your threat-model). Expect to see this key-derivation trick used elsewhere.
  The blog posts are well worth the read.
  • https://arstechnica.com/security/2026/01/signal-creator-moxie-marlinspike-wants-to-do-for-ai-what-he-did-for-messaging/
  • https://confer.to/blog/
  • https://github.com/ConferLabs
• Tesla looks to be going down the subscription-only path with its “Full Self Driving” (but requires human supervision) mode.
  • https://techcrunch.com/2026/01/14/tesla-will-only-offer-subscriptions-for-full-self-driving-supervised-going-forward/
• [UK] Police banned fans from a football match, over concerns of religious violence – based on an incident hallucinated by CoPilot. After the Chief Constable initially claimed – in Parliament – “We do not use AI”, they had to admit this week that it was a lie – “the erroneous result concerning the ... match arose as a result of a use of Microsoft Co Pilot(sic)”
  • https://arstechnica.com/ai/2026/01/deny-deny-admit-uk-police-used-copilot-ai-hallucination-when-banning-football-fans/