STRATQUAD
CYBER THREAT INTELLIGENCE BRIEF
Daily Brief · 28 June 2026 · 24h windowRISKLOW
StratQuad CTI Daily Brief, 28 June 2026
Compiled from 52 monitored sources · 125 articles reviewed

Today’s Briefing

Microsoft reports a phishing campaign running since April 2026 against hospitality organisations using fake guest complaint emails to deliver TonRAT with resilient persistence mechanisms. The FBI and CISA updated their March advisory on Russian intelligence phishing to note that operators now prioritise stealing Signal backup recovery keys for long-term account access rather than verification codes alone. Six critical CVEs published today span Chrome on Android WebGL use-after-free flaws (CVE-2026-13032, CVE-2026-13028), Microsoft Exchange Online privilege escalation (CVE-2026-48582), Azure Active Directory authentication bypass (CVE-2026-45480), and Apache APISIX vulnerabilities including authentication bypass in the jwe-decrypt plugin (CVE-2026-49230) and CSRF in cas-auth (CVE-2026-49871).

Top Stories

  1. Hospitality Sector Hit by Phishing Campaign Using Fake Guest Complaint Emails
  2. New FBI Alert: Russian Intelligence Uses Signal Recovery Keys to Access Messages
  3. Malware steals Chrome session cookies to take over your accounts

Full brief available to subscribers

The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

← All briefs