Executive TL;DR:
CISA added one new vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog during the past seven days: CVE-2026-45659, affecting Microsoft SharePoint Server. The addition confirms active exploitation and elevates patching from routine maintenance to an operational priority for organisations running on-premises SharePoint infrastructure. Security, vulnerability management and infrastructure teams should identify exposed SharePoint deployments immediately, validate patch status, and prioritise remediation ahead of routine patch cycles.
Reading time 15 minutes
Executive TL;DR:
A 10-minute phone call cost MGM Resorts $100 million. Learn how attackers bypassed helpdesk security through vishing, what identity controls failed, and actionable steps to prevent similar breaches. Includes timeline analysis, control gap breakdown, and operator checklist for to help protect your organisation.
Reading time 15 Minutes
The UK NCSC warns that an imminent AI-driven "patch wave" will completely overwhelm traditional security update pipelines. This guide breaks down the threat mechanics and delivers a practical playbook to help teams scale automation and deploy risk-based triage before exploit windows collapse.
Reading time 5 minutes
Executive TL;DR:
» CISA’s June 2026 KEV additions target high-value enterprise consoles and infrastructure management platforms across your deployment footprint.
» Threat actors are actively chaining the new Ubiquiti flaws to gain unauthenticated root access and completely wipe local device logs.
» Prioritizing these six network-reachable flaws using combined EPSS and KEV telemetry immediately neutralizes active edge compromise vectors.
Reading time 15 minutes
COOKIE / PRIVACY POLICY: This website uses essential cookies required for basic site functionality. We also use analytics cookies to understand how the website is used. We do not use cookies for marketing or personalization, and we do not sell or share any personal data with third parties.