National intelligence agencies warn of active global campaign targeting Fortinet infrastructure; indicates state-sponsored threat actors exploiting critical perimeter security as attack vector.
A publicly available exploit for a critical privilege escalation in Microsoft Defender enables full system takeover with SYSTEM privileges; the same researcher has submitted at least four additional Windows zero-days that have since been patched by Microsoft.
Large-scale supply-chain attack on 140+ npm packages through maintainer account takeover and distribution of malicious dayjs typosquat demonstrates vulnerability of open-source ecosystems to targeted compromise.
BSI advisory on multiple critical vulnerabilities in Firefox/ESR and Thunderbird with arbitrary code execution and sandbox escape potential; patches required.
A coordinated attack wave against tens of thousands of firewalls indicates an active, large-scale campaign possibly conducted by nation-state actors or organized cybercriminals seeking access to critical network infrastructure.
An active clipboard-stealing malware strain since February 2026 leverages Windows Script Host, hidden Tor-based C2 servers, and automatic propagation mechanisms for persistence without relying on traditional installers or exposed IP-based infrastructure.
The alert provides no CVE identifiers and no details on active exploitation or attack scenarios, making it primarily a patch announcement without strategic added value.
Attackers leverage legitimate Microsoft Teams TURN relays to conceal C2 traffic by deploying a Go-based RAT using Ghost Calls technique, remaining entirely invisible within normal Teams traffic.
UEFI firmware-level vulnerabilities require DBX updates from vendors and BIOS patches , cannot be fully remediated through operating system updates alone.
Microsoft acknowledges unintended side effects of June security updates that prevent third-party applications from launching Office apps,a regression issue affecting productivity.
The vulnerability is a race condition in the Malware Protection Engine that grants SYSTEM-level privileges regardless of real-time protection status and has already been publicly exploited by a security researcher.
GitHub platform flaws are actively exploited by Shai-Hulud variants to compromise hundreds of software packages and developer accounts; GitHub dismissed formal security reports, amplifying fundamental supply-chain risk for all software developers.
The threat is driven by the Nightmare Eclipse group as part of a targeted campaign against Microsoft, with multiple zero-days (BlueHammer, RedSun, UnDefend) already exploited in the wild.
Three critical Fortinet FortiSandbox vulnerabilities (CVE-2026-39808, CVE-2026-39813, CVE-2026-25089) are currently under active exploitation, with honeypots and threat intelligence sources reporting attacks since June 2026.
Mass theft of admin credentials from 75,000 Fortinet devices via exported configuration files , an active, ongoing threat scenario without a published vulnerability.
Critical Fortinet vulnerabilities are being actively exploited by multiple independent attackers, not just a single campaign,indicating widespread opportunistic exploitation.
Russian-speaking threat actors are conducting an active large-scale campaign against Fortinet devices worldwide, having already compromised 30,000+ Internet-facing firewalls and VPN gateways and harvested credentials.
The FortiBleed campaign actively targets Internet-exposed Fortinet devices and has already compromised credentials for over 30,000 devices; threat actors with suspected Russian background have been identified.
BSI warns of multiple critical vulnerabilities in Firefox/Firefox ESR/Thunderbird enabling code execution and sandbox escape; user interaction required but can be triggered by opening a malicious file or website.
The BSI has issued a warning on a critical OpenSSL vulnerability with code execution and data leak potential; the status (CVE-ID, CVSS score, KEV listing) is not specified in this summary, so the official BSI advisory and CVSS rating should be consulted.
A coordinated malware campaign exploits trusted developer IDE marketplaces to distribute credential stealers specifically targeting AI API keys and developer authentication.
Attackers abuse Microsoft Teams relay servers as a command-and-control channel for a new Go-based backdoor, demonstrating the difficulty of monitoring and blocking Teams traffic for malicious purposes.
A local privilege escalation in Microsoft Defender weakens endpoint defense effectiveness and allows attackers with initial system access to escalate to administrative rights.
The BSI is tightening enforcement of NIS2 implementation with a new registration deadline by end of July, as registration rates have been disappointing.
The FortiBleed leak demonstrates that thousands of Fortinet devices globally have already been compromised and their VPN credentials are publicly available,an active, ongoing attack scenario, not merely a vulnerability.