Today’s Briefing
CVE-2026-48907 in Widget Factory Joomla Content Editor added to CISA's KEV catalogue today following active exploitation. The flaw, scored 10.0, permits unauthenticated attackers to upload and execute arbitrary PHP code by creating new editor profiles. CISA's advisory confirms evidence of in-the-wild use; organisations running Joomla sites with JCE installed should treat this as an immediate patching priority. Separately, CISA published an ICS advisory for Rockwell Automation CompactLogix 5370 L1, L2, and L3 controllers addressing denial-of-service conditions, though no CVE identifiers were assigned in today's release.
Top Stories
Full brief available to subscribers
The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.
Get the brief at 07:00, every weekday.
The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.