STRATQUAD
CYBER THREAT INTELLIGENCE BRIEF
Daily Brief · 13 June 2026 · 24h windowRISKCRITICAL
StratQuad CTI Daily Brief, 13 June 2026
Compiled from 24 monitored sources · 170 articles reviewed

Today’s Briefing

CVE-2026-35273 in Oracle PeopleSoft Enterprise PeopleTools entered the CISA KEV catalogue yesterday following active exploitation by the ShinyHunters actor targeting the education sector. The vulnerability is a missing authentication flaw in versions 8.61 and 8.62 that permits unauthenticated takeover of PeopleTools instances; Oracle published an out-of-band security alert on 10 June. Separately, Iran-linked Handala compromised California Water Service via an exposed GPS tool, exfiltrating 5GB of billing data covering two million customers and posting proof on 11 June.

Top Stories

  1. Iran-Linked Handala Breached a California Water Utility. It Could Have Done Worse, and It Knows That.
  2. CISA Adds One Known Exploited Vulnerability to Catalog
  3. Brickcom Cameras
  4. Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Full brief available to subscribers

The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

← All briefs