'Djinn' Stealer Targets Cloud, AI Credentials
The campaign demonstrates that attackers leverage RMM tools as entry points to steal cloud and AI credentials using admin privileges, enabling broad network compromise.
Comparing 11 July 2026 with the previous day 4 July 2026.
The campaign demonstrates that attackers leverage RMM tools as entry points to steal cloud and AI credentials using admin privileges, enabling broad network compromise.
A critical deserialization vulnerability in Microsoft Edge allows unauthenticated remote code execution, requiring immediate patch prioritization across all Edge installations.
State-sponsored APT groups exploit simple attack vectors such as weak passwords and lack of network segmentation rather than sophisticated malware,an operational concern for European manufacturing facilities with similar OT configurations.
The draft intelligence service law reform could force the BSI to hand over zero-day vulnerabilities to the BND,a step that could endanger the cybersecurity of German organisations if flaws are not promptly disclosed to vendors.
Russia is using compromised private IP cameras for reconnaissance of NATO military logistics infrastructure,an example of the instrumentalization of consumer IoT devices in state-sponsored espionage operations.
Dropping Elephant leverages legitimate binaries (Fondue.exe) for DLL side-loading and Donut shellcode for in-memory RAT placement to bypass disk-based security controls; operational approaches change slower than the tooling itself.
A directory-traversal vulnerability in Edge feedback logging enables remote code execution when a user visits a malicious page or opens a malicious file.
BSI warns of multiple vulnerabilities in Firefox/ESR and Thunderbird with high exploitation potential; exact CVE numbers and version details are absent from this generic announcement.
CISA warns of active credential exposure incidents in Fortinet devices and recommends hardening measures, indicating ongoing threat exploitation in the wild.
BSI warns of multiple undisclosed vulnerabilities in Chrome and Edge; details are limited until patches become available.
BSI advisory for multiple GNU libc vulnerabilities with potential code execution , directly affects all Ubuntu systems in DACH environments.
ClickOnce applications provide threat actors with a built-in update mechanism and reliable persistence method through .appref-ms files in the Start Menu, executable on every user launch.
No changes in this category.
No changes in this category.
North Korean actors are conducting an active supply-chain campaign with 108 malicious packages across multiple popular package repositories, indicating a strategic shift toward dependency-chain compromise as a vector for network infiltration.
Local escalation in optional Narrator Braille feature requires already having low-privilege code execution on the target system.
A use-after-free in Adobe Acrobat Reader DC enables RCE with CVSS 7.8 via visiting a malicious page or opening a crafted file.
A use-after-free vulnerability in Adobe Acrobat Reader DC enables remote code execution through file or web interaction with CVSS 7.8 severity.
A use-after-free RCE in Adobe Acrobat Pro DC with CVSS 7.8 requires user interaction but poses significant risk to organizations using PDF editing.
Use-After-Free vulnerability in Adobe Acrobat Pro DC enables remote code execution when a user interacts with a malicious file or webpage.
A use-after-free vulnerability in Adobe Acrobat Reader DC enables remote code execution with medium-to-high severity; user interaction required.
A use-after-free vulnerability in Adobe Acrobat Reader DC enables remote code execution via malicious documents, posing significant risk in manufacturing environments where PDF file exchange is routine.
An integer overflow vulnerability in Adobe Acrobat Reader DC's TIF file parsing enables remote code execution with CVSS 7.8 requiring user interaction.
FortiBleed goes beyond a simple credential leak and has deeper security implications for FortiGate/FortiClient deployments; however, the bulletin aggregates multiple unrelated incidents without strategic focus.
The vulnerability requires user interaction (opening malicious files) and has low-to-medium risk with CVSS 3.3, but affects widely deployed software in manufacturing enterprises.
BSI warns of multiple vulnerabilities in Adobe Creative Cloud without specific CVE details; the required user interaction limits immediate attack risk but requires patch management and user awareness.
The BSI warns of multiple not-yet-fully-disclosed vulnerabilities in Edge; details on exploitability and attack vector are still missing, complicating timely patch management.
A previously undocumented malware family (SharkLoader) is being deployed in a multinational campaign targeting government and diplomatic organizations to deliver Cobalt Strike Beacon; the threat actor leverages publicly available exploits against internet-facing applications such as Microsoft Exchange and SharePoint.