Week in Review: Critical patch avalanche and persistent state-sponsored threats
Western Canada’s defenders face an exceptionally high-risk week with three critical vulnerabilities actively exploited in the wild: Oracle PeopleSoft authentication bypass, Ivanti Sentry RCE, and Microsoft Defender privilege escalation. Microsoft’s record 200 patches, combined with persistent Chinese-linked authentication compromises spanning a decade, demand immediate action across post-secondary, healthcare, government, and finance sectors.
This week’s highlights:
- Oracle PeopleSoft PeopleTools authentication bypass (CVE affecting post-secondary, finance, healthcare, and government) is under active exploitation for data theft; prioritize patching immediately.
- Ivanti Sentry OS command injection enables unauthenticated root RCE, with a CISA 3-day federal patch deadline; critical for government and healthcare asset owners.
- Chinese-linked threat actors maintain decade-long authentication compromise across all five target sectors—review access logs and rotate credentials on affected systems.
- Microsoft releases record 200 security patches in June 2026 Patch Tuesday including critical Defender RoguePlanet privilege escalation (SYSTEM-level access).
- Arch Linux supply-chain attack compromised 400+ packages with rootkit/infostealer malware, affecting post-secondary and research institutions.
- Palo Alto GlobalProtect authentication bypass exploitation surge detected; validate VPN and remote access controls across all sectors.
Watchlist: Monitor for exploitation of SAP critical flaws, ServiceNow API incidents, and signs of Gentlemen ransomware activity targeting Western Canada organizations. Watch for supply-chain attack preparation indicators emerging on dark web markets targeting MSPs and enterprise infrastructure providers.
- Source: https://intel.mask2.ca
- CVEs: None listed
- Tags: weekly-digest
- Provenance: mask2-ti-pipeline weekly digest (60 items reviewed)