Browser Security Brief: No New Critical Browser Threats Reported

References

1. Microsoft Copilot (Microsoft 365): Newly created Declarative Agents now understand referenced scanned PDFs - Microsoft
2. Microsoft Teams: Ad-hoc room reservation from Teams Rooms on Android console - Microsoft
3. Microsoft Teams: Ad-hoc room reservation from Teams Rooms on Windows console - Microsoft
4. SharePoint: Microsoft 365 Archive in GCC-L - Microsoft
5. Microsoft Teams: Teams button on certified for Microsoft Teams personal peripheral devices one-click access to voice in Microsoft 365 Copilot within the Teams mobile app (iOS). - Microsoft
6. New Osiris Ransomware Emerges as New Strain Using POORTRY Driver in BYOVD Attack - The Hacker News
7. Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access - The Hacker News
8. ThreatsDay Bulletin: Pixel Zero-Click, Redis RCE, China C2s, RAT Ads, Crypto Scams & 15+ Stories - The Hacker News
9. Filling the Most Common Gaps in Google Workspace Security - The Hacker News
10. Malicious PyPI Package Impersonates SymPy, Deploys XMRig Miner on Linux Hosts - The Hacker News
11. SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release - The Hacker News
12. Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations - The Hacker News
13. Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex - The Hacker News
14. How Mozilla builds now - Mozilla Blog
15. SmarterMail auth bypass flaw now exploited to hijack admin accounts - BleepingComputer
16. FortiGate firewalls hit by silent SSO intrusions and config theft - The Register
17. Critical Vivotek Vulnerability Allows Remote Users to Inject Arbitrary Code - Cybersecurity News
18. TCC Bypass vulnerability in Inkscape application for MacOS - CERT.PL
19. FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data - Cybersecurity News
20. NCSC verwacht misbruik van kritiek lek bij publiek toegankelijke telnet-servers - Security.nl
21. CISA Warns of Cisco Unified CM 0-Day RCE Vulnerability Exploited in Attacks - Cybersecurity News
22. Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware - The Cyber Express
23. Ancient telnet bug happily hands out root to attackers - The Register
24. Hackers breach Fortinet FortiGate devices, steal firewall configs - BleepingComputer
25. Vulnerabilities in Quick.Cart software - CERT.PL
26. Another week, another emergency patch as Cisco plugs Unified Comms zero-day - The Register
27. “Enjoy Your Admin Access”: Critical SmarterMail RCE Exploited in the Wild - SecurityOnline.info
28. Beheerders melden aanvallen op volledig gepatchte Fortinet FortiGate-firewalls - Security.nl
29. BIND 9 Vulnerability Allow Attackers to Crash Server by Sending Malicious Records - Cybersecurity News
30. Critical Vulnerability in Binary-Parser Library for Node.js Allows Malicious Code injection - Cybersecurity News
31. Critical Chainlit AI Vulnerabilities Let Hackers Gain Control Over Cloud Environments - Cybersecurity News
32. Cisco dicht actief misbruikte RCE-kwetsbaarheid in Unified Communications - Security.nl
33. CVE-2025-15521 (CVSS 9.8): Critical Academy LMS Flaw Exploited for Admin Takeover - SecurityOnline.info
34. Machine learning–powered Android Trojans bypass script-based Ad Click detection - Security Affairs
35. Critical SmarterMail vulnerability under attack, no CVE yet - Security Affairs
36. Arctic Wolf detects surge in automated Fortinet FortiGate firewall configuration attacks - Security Affairs
37. U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog - Security Affairs
38. Cisco fixed actively exploited Unified Communications zero day - Security Affairs