Major Threats & Vulnerabilities
Zero-Day Vulnerabilities and Active Exploits
Apple patched CVE-2026-20700, a zero-day vulnerability in the dynamic linker (dyld) exploited in targeted attacks across iOS, iPadOS, and macOS. The flaw was part of a multi-CVE exploit chain targeting recent Apple devices. Users are urged to update immediately.
CVE-2026-21514 in Microsoft Word allows attackers to bypass OLE protections and execute malicious code without user warnings. Microsoft confirmed active exploitation and has released a patch.
A denial-of-service flaw in the Windows RasMan service was actively exploited to crash VPN connectivity. Microsoft has issued a fix for this vulnerability, which affects local users.
Remote Code Execution and System Compromise Risks
CVE-2026-25646, a 30-year-old heap buffer overflow in libpng, has resurfaced with remote code execution potential via crafted PNG files. This legacy flaw poses serious supply chain risks.
A remote code execution flaw in Windows Notepad allows attackers to exploit malicious Markdown links. Users should update to version 11.2510 or later to mitigate the risk.
BeyondTrust Remote Support and Privileged Remote Access products contain a critical flaw that enables unauthenticated remote code execution. A patch is available and should be applied immediately.
Authentication and Access Control Flaws
FortiOS versions 7.6.0–7.6.4 contain an authentication bypass vulnerability due to improper handling of LDAP responses when anonymous binds are enabled. This could allow unauthorized VPN or SSO access.
Industry News
Cybercrime Trends and Espionage
The Picus Red Report 2026 reveals a 38% decline in ransomware encryption, with attackers shifting toward stealthy tactics and identity abuse to maintain persistent access.
A state-aligned espionage campaign has breached government and infrastructure targets in 37 countries, including the energy and finance sectors.
Ransomware and Data Breaches
BridgePay suffered a ransomware attack that disrupted payment APIs and terminals nationwide, impacting thousands of merchants and public-sector entities.
Flickr is investigating a third-party data leak involving email metadata. While no passwords or payment data were exposed, users may be at risk of phishing.
Cloud and AI Threats
TeamPCP is behind a campaign exploiting Docker, Kubernetes, and React apps, compromising at least 185 servers since late 2025.
A viral AI caricature trend has exposed the risks of shadow AI use, where unsanctioned LLMs are used to process sensitive data, potentially aiding phishing and reconnaissance.
Other Notable Developments
Attackers are abusing Bing ads and Azure infrastructure to deliver fake Microsoft support pages, targeting at least 48 U.S. organizations.
Security Tips & Best Practices
macOS and Endpoint Security
To secure macOS endpoints, organizations should:
- Enable FileVault and System Integrity Protection
- Deploy macOS-compatible EDR and use application allowlisting
- Apply least privilege and harden browser and extension policies
SSO and Identity Protection
To secure SSO environments, implement the following:
- Enforce phishing-resistant MFA
- Disable legacy authentication protocols
- Harden federation and LDAP configurations
- Apply least-privilege access controls
- Monitor for geolocation anomalies and suspicious token reuse
Open-Source and AI Security
To mitigate risks from open-source dependencies:
- Use SBOMs and automated scanning to identify vulnerable libraries
- Enforce secure defaults and sandbox high-risk components
- Monitor runtime behavior for signs of exploitation
Zero-Click and OSINT Safety
To defend against zero-click vulnerabilities in desktop apps:
- Be cautious of calendar invites from unknown sources
- Disable or sandbox browser extensions used by desktop apps
- Apply patches promptly
For responsible OSINT use:
- Validate findings with multiple sources
- Use trusted threat intelligence feeds
- Restrict access to sensitive outputs
- Comply with legal and platform rules
