Today’s Briefing
CISA added CVE-2026-45659 to the Known Exploited Vulnerabilities catalogue, a deserialization flaw in Microsoft SharePoint Server that allows authorised attackers to execute code remotely and is now confirmed under active exploitation. Google released Chrome 150.0.7871.47 with 382 security fixes including 15 rated critical, six of which are sandbox escape vulnerabilities affecting ANGLE, the updater component on Windows, WebAppInstalls on macOS, Cast, and media handling. Citrix published an advisory for CVE-2026-8451, an unauthenticated memory disclosure in NetScaler ADC and NetScaler Gateway when configured as a SAML identity provider.
Top Stories
Full brief available to subscribers
The complete operator brief — action items with patch deadlines, the vulnerability appendix and named actor activity — goes out by email each morning. Subscribe free to receive it.
Get the brief at 07:00, every weekday.
The day's UK security intelligence, read and ranked so you start informed: the stories that matter, the IOCs your SIEM needs, and the actions worth taking first.