Weekly Threat Digest: JUNE 22 to JUNE 28 2026

Download Now

HiveForce Labs has reported a sharp rise incybersecurity threats, highlighting the growing complexity and frequency ofglobal cyber incidents. Over the past week, sevenmajor attacks were detected, twovulnerabilities were identified, and onethreat actor group was closely monitored, signaling a concerning escalation inmalicious activity worldwide.

A newly disclosed informationdisclosure vulnerability, CVE-2026-47729, dubbed Squidbleed, affects the widely used Squid webproxy. Rooted in a decades-old parsing bug in Squid's FTP gateway, the flawallows a malicious FTP server to trigger an out-of-bounds memory read,potentially exposing sensitive fragments of previously processed data, such asHTTP requests and authentication headers, to remote attackers.

A critical unauthenticated remotecode execution vulnerability, CVE-2026-12569, has been identified in PTCWindchill PDMLink and FlexPLM, stemming from unsafedeserialization of untrusted input. Active exploitation has been confirmed inthe wild and given the platform's deep integration into manufacturing andsupply-chain environments, immediate remediation is strongly advised.

The Edgecution campaign represents asophisticated browser-based intrusion chain targeting enterprise environmentsthrough social engineering. Threat actors impersonate IT support staff viaMicrosoft Teams, directing victims to a fake Outlook update portal that silentlydeploys a malicious Microsoft Edge browser extension. Together, these incidentsunderscore a growing trend of hybrid cyber operations that combine technicalexploitation with social engineering, reinforcing the need for timely patching,continuous monitoring, and layered security defenses.