STRATQUAD
CYBER THREAT INTELLIGENCE BRIEF
Daily Brief · 30 June 2026 · 24h windowRISKMEDIUM
StratQuad CTI Daily Brief, 30 June 2026
Compiled from 52 monitored sources · 656 articles reviewed

Today’s Briefing

CVE-2026-48558, an authentication bypass in SimpleHelp's OIDC flow that accepts identity tokens without verifying cryptographic signatures, has been added to CISA's Known Exploited Vulnerabilities catalogue following evidence of active exploitation. NHS Digital has issued a high severity alert for CVE-2026-46817 in Oracle E-Business Suite Payments, which permits unauthenticated remote takeover of the component. Microsoft removed 119 malicious Edge extensions that delivered malware hidden in images, and separate reporting describes a Chromium extension campaign using AI branding to redirect browser search traffic.

Top Stories

  1. CC-4803 - Exploited Critical Vulnerability in the Oracle Payments Component of Oracle E-Business Suite
  2. CISA Adds One Known Exploited Vulnerability to Catalog
  3. 119 Edge extensions promised useful tools, instead downloaded malware
  4. Factoring RSA Keys with Many Zeros

Full brief available to subscribers

The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.

Get the brief at 07:00, every weekday.

The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.

← All briefs