Daily News
SharePoint RCE CVE-2026-45659: Active Exploits
SharePoint RCE CVE-2026-45659 is now under active exploitation, and the federal patch deadline set by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is July 4 — tomorrow. The CVSS 8.8 deserialization flaw lets any authenticated user with nothing more than baseline Site Member permissions run code remotely on the server. Shadowserver currently counts more…
Read MoreAzure CLI Password Spray Bypasses MFA
An Azure CLI password spray campaign made more than 81 million login attempts against Microsoft accounts over two weeks and successfully compromised 78 accounts across 64 organizations — a meaningful share of which believed multi-factor authentication already protected them. The attackers did not break MFA. They found a legacy authentication path that most Conditional Access…
Read MoreSimpleHelp CVE-2026-48558 RMM Bypass Exploited
A critical SimpleHelp CVE-2026-48558 authentication bypass is letting attackers forge a login token and seize a fully authenticated technician session in the remote monitoring and management (RMM) software thousands of managed service providers use to run client networks. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 29, and researchers have already…
Read MoreSignal Backup Recovery Key Russian intelligence
Signal Backup Recovery Key Russian intelligence theft is now formally attributed by three governments. The FBI, CISA, and Ukraine’s Security Service (SSU) jointly disclosed on June 26–27, 2026 that FSB-linked UNC5792 and GRU-linked UNC4221 are stealing these keys via fake support SMS messages — granting persistent access to complete message archives even after victims reset…
Read MorePTC Windchill RCE CVE-2026-12569: Web Shells Actively Deployed
The PTC Windchill RCE CVE-2026-12569 (CVSS 9.3) is actively exploited — and this is the second attack wave targeting the same product in three months. Attackers are deploying persistent JSP web shells inside Windchill PDMLink and FlexPLM installations right now. CISA added the flaw to its Known Exploited Vulnerabilities catalog on June 25, 2026; the…
Read More
