CVE-2026-58596
Network-based privilege escalation in Microsoft Edge allows attackers to gain system privileges remotely without user interaction.
Comparing 12 July 2026 with the previous day 11 July 2026.
Network-based privilege escalation in Microsoft Edge allows attackers to gain system privileges remotely without user interaction.
ToddyCat develops specialized tools (Umbrij) to bypass EPP/EDR solutions through OAuth token theft via remote debugging port , an advanced technique for silent email compromise.
CISA has added the SimpleHelp vulnerability to its Known Exploited Vulnerabilities catalog; security researchers have identified malware such as TaskWeaver and Djinn Stealer deployed post-compromise via CVE-2026-48558.
No changes in this category.
No changes in this category.
The campaign demonstrates that attackers leverage RMM tools as entry points to steal cloud and AI credentials using admin privileges, enabling broad network compromise.
A critical deserialization vulnerability in Microsoft Edge allows unauthenticated remote code execution, requiring immediate patch prioritization across all Edge installations.
State-sponsored APT groups exploit simple attack vectors such as weak passwords and lack of network segmentation rather than sophisticated malware,an operational concern for European manufacturing facilities with similar OT configurations.
The draft intelligence service law reform could force the BSI to hand over zero-day vulnerabilities to the BND,a step that could endanger the cybersecurity of German organisations if flaws are not promptly disclosed to vendors.
Russia is using compromised private IP cameras for reconnaissance of NATO military logistics infrastructure,an example of the instrumentalization of consumer IoT devices in state-sponsored espionage operations.
Dropping Elephant leverages legitimate binaries (Fondue.exe) for DLL side-loading and Donut shellcode for in-memory RAT placement to bypass disk-based security controls; operational approaches change slower than the tooling itself.
A directory-traversal vulnerability in Edge feedback logging enables remote code execution when a user visits a malicious page or opens a malicious file.
BSI warns of multiple vulnerabilities in Firefox/ESR and Thunderbird with high exploitation potential; exact CVE numbers and version details are absent from this generic announcement.
CISA warns of active credential exposure incidents in Fortinet devices and recommends hardening measures, indicating ongoing threat exploitation in the wild.
BSI warns of multiple undisclosed vulnerabilities in Chrome and Edge; details are limited until patches become available.
BSI advisory for multiple GNU libc vulnerabilities with potential code execution , directly affects all Ubuntu systems in DACH environments.
ClickOnce applications provide threat actors with a built-in update mechanism and reliable persistence method through .appref-ms files in the Start Menu, executable on every user launch.