Cisco SD-WAN Zero-Day Exploited Months Before Patching
A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.
Comparing 25 June 2026 with the previous day 18 June 2026.
A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.
The official Swiss security report 2026 designates Russia as Europe's greatest threat with aggressive hybrid warfare directly targeting Switzerland in cyberspace, critical infrastructure, and espionage , a strategic signal for Swiss manufacturing SMEs.
Gamaredon is escalating its malware obfuscation and command-and-control infrastructure evasion capabilities, signalling an intensification of Russian cyber operations against European targets.
German Federal Office for the Protection of the Constitution warns of targeted Chinese espionage in academic and research institutions , a strategic risk for European technology and manufacturing industry through leakage of sensitive research findings.
After a global lull in 2024,2025, ransomware gangs have actively refocused on Europe and are deliberately targeting EU organizations and their supply chains,a strategic risk for Swiss and European manufacturing enterprises.
The BSI advisory aggregates multiple critical Exchange vulnerabilities without naming specific CVEs, indicating a regularly updated collective warning.
The BSI warns of multiple critical vulnerabilities in OpenSSL that can enable remote code execution, security bypasses, and data loss.
Race-condition vulnerability in Linux kernel memory management with potential for memory corruption under concurrent access to memcg lists.
A stack buffer overflow in the netfilter implementation allows kernel-memory corruption and potential code execution when specific nft rule combinations are processed.
More than half of the vulnerabilities are use-after-free defects that can lead to remote code execution; prompt patching is required.
Cisco Talos documents systematically how malware exploits COM interfaces for lateral movement, persistence, and evasion , a fundamental defensive competency for Windows-heavy infrastructure defenders.
The BSI has issued a security advisory on multiple vulnerabilities in Adobe Acrobat DC and Adobe Acrobat Reader DC enabling remote code execution and privilege escalation, though specific CVE identifiers are not named in this notice.
BSI warns of multiple Chrome vulnerabilities not yet fully disclosed; details remain embargoed until patches are available.
Chrome 149.0.7827.196/197 patches 18 vulnerabilities including four critical flaws; no indication of active in-the-wild exploitation yet, but Chrome zero-days have been exploited multiple times this year.
A flaw in error-handling during iptables/netfilter rule processing allows leaking internal kernel memory addresses, potentially bypassing KASLR mitigation.
The vulnerability enables a kernel crash (DoS) through missing validation before skb_pull() in GRO network processing and potentially affects all protocols handling fragmented packets via GRO.
No changes in this category.
No changes in this category.
National intelligence agencies warn of active global campaign targeting Fortinet infrastructure; indicates state-sponsored threat actors exploiting critical perimeter security as attack vector.
A publicly available exploit for a critical privilege escalation in Microsoft Defender enables full system takeover with SYSTEM privileges; the same researcher has submitted at least four additional Windows zero-days that have since been patched by Microsoft.
Large-scale supply-chain attack on 140+ npm packages through maintainer account takeover and distribution of malicious dayjs typosquat demonstrates vulnerability of open-source ecosystems to targeted compromise.
BSI advisory on multiple critical vulnerabilities in Firefox/ESR and Thunderbird with arbitrary code execution and sandbox escape potential; patches required.
A coordinated attack wave against tens of thousands of firewalls indicates an active, large-scale campaign possibly conducted by nation-state actors or organized cybercriminals seeking access to critical network infrastructure.
An active clipboard-stealing malware strain since February 2026 leverages Windows Script Host, hidden Tor-based C2 servers, and automatic propagation mechanisms for persistence without relying on traditional installers or exposed IP-based infrastructure.
The alert provides no CVE identifiers and no details on active exploitation or attack scenarios, making it primarily a patch announcement without strategic added value.
Attackers leverage legitimate Microsoft Teams TURN relays to conceal C2 traffic by deploying a Go-based RAT using Ghost Calls technique, remaining entirely invisible within normal Teams traffic.
UEFI firmware-level vulnerabilities require DBX updates from vendors and BIOS patches , cannot be fully remediated through operating system updates alone.
Microsoft acknowledges unintended side effects of June security updates that prevent third-party applications from launching Office apps,a regression issue affecting productivity.