STRATQUAD
CYBER THREAT INTELLIGENCE BRIEF
Daily Brief · 27 June 2026 · 24h windowRISKHIGH
StratQuad CTI Daily Brief, 27 June 2026
Compiled from 52 monitored sources · 289 articles reviewed

Today’s Briefing

CISA and the FBI updated their public service announcement warning that Russian Intelligence Services continue to target commercial messaging applications in phishing campaigns, the second such alert since March. Google Threat Intelligence published details of STOCKSTAY, a new intelligence collection tool attributed to Turla, while Microsoft released analysis of StealC and Amadey infostealers and the cybercrime services delivering them. The watchlist includes two critical use-after-free vulnerabilities in Chrome on Android (CVE-2026-13032 and CVE-2026-13028) rated for sandbox escape, a critical missing authorisation flaw in Exchange Online (CVE-2026-48582), and an improper authentication vulnerability in Azure Active Directory (CVE-2026-45480), all disclosed within the current patch cycle.

Top Stories

  1. Russian Intelligence Services Continue to Target Commercial Messaging Applications
  2. Yokogawa FAST/TOOLS and CI Server
  3. CC-4800 - Critical Vulnerabilities in Ubiquiti UniFi OS Devices
  4. CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms

Full brief available to subscribers

The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

← All briefs