STRATQUAD
CYBER THREAT INTELLIGENCE BRIEF
Daily Brief · 17 June 2026 · 24h windowRISKCRITICAL
StratQuad CTI Daily Brief, 17 June 2026
Compiled from 28 monitored sources · 277 articles reviewed

Today’s Briefing

CVE-2026-48907 in Widget Factory Joomla Content Editor added to CISA's KEV catalogue today following active exploitation. The flaw, scored 10.0, permits unauthenticated attackers to upload and execute arbitrary PHP code by creating new editor profiles. CISA's advisory confirms evidence of in-the-wild use; organisations running Joomla sites with JCE installed should treat this as an immediate patching priority. Separately, CISA published an ICS advisory for Rockwell Automation CompactLogix 5370 L1, L2, and L3 controllers addressing denial-of-service conditions, though no CVE identifiers were assigned in today's release.

Top Stories

  1. CISA Adds One Known Exploited Vulnerability to Catalog
  2. Rockwell Automation CompactLogix
  3. CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

Full brief available to subscribers

The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

← All briefs