Critical and high advisories active
Featured advisory / AI-NEWS
GCC threat operations brief
Live signal from current advisories, active CVEs, and sector exposure across the Cyberttak intelligence desk.
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
Cyberattackers are using old, unused GitHub accounts to secretly map out corporate software projects and internal structures, making their malicious activity look like normal traffic.
LIVE THREAT DASHBOARD
Operational exposure snapshot
Tracked in the live CVE ticker
Unique sectors under watch
Campaigns referencing ransomware behavior
Primary intelligence coverage
WEEKLY INTEL BRIEF
Decision-ready threat digest
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Key CVE
CVE-2026-45659
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerabi…
Affected Sectors
Recommended Action
Criminals are creating fake versions of software tools for popular online payment services like Paysafe, Skrill, and Neteller. They are placing these fake tools on websites where programmers usually get software. When someone uses these fake tools, the criminals can steal their usernames and passwords for their payment accounts, which could lead to money being stolen.
GCC / MENA REGION WATCH
Country exposure watch list
Prioritize the current advisory feed through the operational sectors most relevant to GCC and MENA teams.
current advisories assessed for regional sector relevance
Signal counts show advisory relevance to each country’s priority sectors. They are not a measure of confirmed incidents or victim volume.
Open live intelligence feedSaudi Arabia
relevant signals
Watch focus: Energy · Government · Enterprise
United Arab Emirates
relevant signals
Watch focus: Finance · Government · Enterprise
Qatar
relevant signals
Watch focus: Energy · Government · Telecom
Kuwait
relevant signals
Watch focus: Energy · Finance · Government
Bahrain
relevant signals
Watch focus: Finance · Government
Oman
relevant signals
Watch focus: Energy · Enterprise · Logistics
Jordan
relevant signals
Watch focus: Government · Enterprise · Education
Audience Views
Open a focused sector landing view for the current threat feed.
Global Threat Search
Search across CVEs, products, sectors, severity, threat vectors, and IoCs.
Feed (54)
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
Cyberattackers are using old, unused GitHub accounts to secretly map out corporate software projects and internal structures, making their malicious activity look like normal traffic.
Microsoft Patches Defender 'RoguePlanet' Privilege Escalation Vulnerability
Microsoft has fixed a security problem in its Defender antivirus software. This problem, called 'RoguePlanet', could have allowed someone with limited access to a computer to gain more control over it. The fix was included in a recent update to Defender's security engine.
Microsoft to retire the OWA Light client in Exchange Server
Microsoft is planning to remove a simpler version of its Outlook web email called OWA Light from future Exchange Server updates. This means people who use OWA Light, perhaps because they have an older browser or need simpler access, will need to use the regular Outlook web version or other Outlook apps instead.
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Bogus software packages pretending to be for online payment apps like Paysafe and Skrill are being used on popular software platforms to trick people into giving away their login details.
CVE-2026-45659: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Cyberttak is tracking CVE-2026-45659 in Microsoft SharePoint Server, a CISA Known Exploited Vulnerability added on 2026-07-01 with CVSS 8.8 and EPSS 3.2%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-48558: SimpleHelp Authentication Bypass Vulnerability
Cyberttak is tracking CVE-2026-48558 in SimpleHelp, a CISA Known Exploited Vulnerability added on 2026-06-29 with CVSS 9.5 and EPSS 1.2%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Cyberttak is tracking CVE-2026-20230 in Cisco Unified Communications Manager, a CISA Known Exploited Vulnerability added on 2026-06-25 with CVSS 8.6 and EPSS 41.7%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-12569: PTC Windchill and FlexPLM Improper Input Validation Vulnerability
Cyberttak is tracking CVE-2026-12569 in PTC Windchill and FlexPLM, a CISA Known Exploited Vulnerability added on 2026-06-25 with CVSS 9.3 and EPSS 1.1%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability
Cyberttak is tracking CVE-2026-34908 in Ubiquiti UniFi OS, a CISA Known Exploited Vulnerability added on 2026-06-23 with CVSS 10 and EPSS 2.5%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability
Cyberttak is tracking CVE-2026-34909 in Ubiquiti UniFi OS, a CISA Known Exploited Vulnerability added on 2026-06-23 with CVSS 10 and EPSS 2.3%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability
Cyberttak is tracking CVE-2026-34910 in Ubiquiti UniFi OS, a CISA Known Exploited Vulnerability added on 2026-06-23 with CVSS 10 and EPSS 78.6%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability
Cyberttak is tracking CVE-2025-67038 in Lantronix EDS5000, a CISA Known Exploited Vulnerability added on 2026-06-23 with CVSS 9.8 and EPSS 1.1%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-20253: Splunk Enterprise Missing Authentication for Critical Function Vulnerability
Cyberttak is tracking CVE-2026-20253 in Splunk Enterprise, a CISA Known Exploited Vulnerability added on 2026-06-18 with CVSS 9.8 and EPSS 88.2%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-48907: Widget Factory Joomla Content Editor Improper Access Control Vulnerability
Cyberttak is tracking CVE-2026-48907 in Widget Factory Joomla Content Editor, a CISA Known Exploited Vulnerability added on 2026-06-16 with CVSS 10 and EPSS 80.4%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability
Cyberttak is tracking CVE-2026-20262 in Cisco Catalyst SD-WAN Manager, a CISA Known Exploited Vulnerability added on 2026-06-15 with CVSS 6.5 and EPSS 7.7%. The advisory highlights exposed assets, patch urgency, and practical defensive checks for GCC and MENA security teams.
> Zero-Day Bulletins
Get technically rigorous threat intelligence briefs and mitigation scripts delivered straight to your inbox.