National intelligence agencies warn of active global campaign targeting Fortinet infrastructure; indicates state-sponsored threat actors exploiting critical perimeter security as attack vector.
A publicly available exploit for a critical privilege escalation in Microsoft Defender enables full system takeover with SYSTEM privileges; the same researcher has submitted at least four additional Windows zero-days that have since been patched by Microsoft.
Large-scale supply-chain attack on 140+ npm packages through maintainer account takeover and distribution of malicious dayjs typosquat demonstrates vulnerability of open-source ecosystems to targeted compromise.
BSI advisory on multiple critical vulnerabilities in Firefox/ESR and Thunderbird with arbitrary code execution and sandbox escape potential; patches required.
A coordinated attack wave against tens of thousands of firewalls indicates an active, large-scale campaign possibly conducted by nation-state actors or organized cybercriminals seeking access to critical network infrastructure.
An active clipboard-stealing malware strain since February 2026 leverages Windows Script Host, hidden Tor-based C2 servers, and automatic propagation mechanisms for persistence without relying on traditional installers or exposed IP-based infrastructure.
The alert provides no CVE identifiers and no details on active exploitation or attack scenarios, making it primarily a patch announcement without strategic added value.
Attackers leverage legitimate Microsoft Teams TURN relays to conceal C2 traffic by deploying a Go-based RAT using Ghost Calls technique, remaining entirely invisible within normal Teams traffic.
UEFI firmware-level vulnerabilities require DBX updates from vendors and BIOS patches , cannot be fully remediated through operating system updates alone.
Microsoft acknowledges unintended side effects of June security updates that prevent third-party applications from launching Office apps,a regression issue affecting productivity.
CVE-2026-42897 was an actively exploited zero-day vulnerability in Exchange Server that Microsoft warned about in mid-May 2026 before a patch became available in June.
Active exploitation by multiple threat actors observed in the field; unauthenticated remote VPN connections possible under specific configuration, with IOCs provided for incident response.
Chaotic Eclipse is actively exploiting a new BitLocker bypass in attack operations, indicating targeted attacks against organizations using Windows encryption.
Criminal charges against a Russian national underscore US law enforcement action against Void Blizzard and highlight ongoing activity by this Kremlin-linked group targeting Western entities.
The exploit leverages a vulnerability in Microsoft Defender's offline scan functionality to bypass BitLocker and spawn a SYSTEM shell, posing a critical threat to locally accessible Windows systems.
The BSI warning addresses multiple critical vulnerabilities in Ubiquiti UniFi OS without specific CVE identification, suggesting either incomplete disclosure or coordinated vulnerability management.
BSI warns of multiple OpenSSL vulnerabilities with high risk potential (RCE, DoS, information disclosure); an official German government warning signals active exploitation or imminent public exploit availability.
BSI warns of multiple vulnerabilities in 7-Zip with remote code execution potential when processing manipulated archives , relevant immediate threat to desktop end-users.
BSI advisory on multiple Chrome and Edge vulnerabilities without specific CVE identifiers; PoC/active exploitation not mentioned, but code execution via merely opening a malicious webpage indicates high risk.
Multiple OpenSSL security vulnerabilities were closed with focus on crafted signatures, indicating potential bypass scenarios in cryptographic validation mechanisms , a strategically relevant category of weaknesses.
BSI warns of multiple unspecified vulnerabilities in Chrome and Edge that can enable code execution, security bypass, and data theft , specific CVE numbers and PoC status are not provided.
BSI advisory on multiple critical vulnerabilities in Firefox/Thunderbird without specific CVE numbers in the title; details required for patch prioritization.
BSI advisory warns of an unspecified vulnerability in both browsers enabling potential code execution , update required, but CVE details are missing for prioritization.
BSI warns of multiple OpenSSL vulnerabilities; without specific CVE numbers, this is a generic advisory likely referencing a patch cycle or multiple known flaws.
BSI warning regarding multiple vulnerabilities in Microsoft developer tools without concrete CVE details or exploitation status , typical for aggregated security advisories.
The Gentlemen gang operates as a Russian-speaking RaaS affiliate with worm-like propagation capability, combining vulnerability exploitation with BYOVD techniques for enterprise network penetration.
The exploit requires local access and either prior initiation of Windows Defender Offline Scan or the attacker's ability to boot into Windows Recovery Environment (WinRE) without authentication; this is a newly disclosed technique with no confirmed active exploitation campaigns.
UNC6671 uses social engineering (vishing) combined with Adversary-in-the-Middle (AiTM) and Python/PowerShell to bypass MFA and systematically compromise Microsoft 365 and Okta; the announced shutdown signals possible rebranding rather than permanent cessation.
This is a known-issue fix for Windows Server 2025, not a security patch against external attacks; relevant to the CISO only if Windows Server 2025 migration is planned.
A legitimate PowerShell script in Siemens patch files is flagged as malware by multiple antivirus engines, potentially blocking deployments and delaying critical patches.