Back to articles

Tag archive

#cyberattack

S
Jul 16, 2026

SonicWall SMA 1000 Zero-Days Actively Exploited in Attacks

SonicWall has released urgent security patches for two zero-day vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting its SMA 1000 series appliances. Threat actors are chaining the flaws—a server-side request forgery (SSRF) and a code injection bug—to achieve unauthenticated remote code execution with root privileges. Rapid7 reported observing exploitation in the wild since late June 2026, weeks before patches were available. CISA has added both vulnerabilities to its KEV catalog, mandating immediate action for federal agencies.

Jul 16, 20264 min read0 reactions0 comments
A
Jul 16, 2026

AssuranceAmerica Data Breach Exposes PII of 6.9 Million

Insurance provider AssuranceAmerica has disclosed a data breach that exposed the personal information of approximately 6.9 million people. The incident, which occurred in March 2026, resulted from an attack targeting an employee. An unauthorized party gained access to the company's IT systems and copied files containing names, driver's license numbers, and, for some, Social Security numbers. The company is now notifying affected individuals and offering credit monitoring services.

Jul 16, 20264 min read0 reactions0 comments
D
Jul 13, 2026

Dutch Hackers Implicated in Odido Telecom Data Breach

Dutch law enforcement suspects local criminals were behind a recent data breach at Odido, a major telecommunications provider in the Netherlands. The attack exposed the personal data of approximately six million customers. The breach was initiated through a phishing attack, where a Dutch-speaking individual impersonated an IT employee over the phone to gain initial access to a customer contact system. While Odido states that sensitive data like passwords, financial details, and call logs were not compromised, the exposed information could still be used for further phishing and fraud. The Dutch High Tech Crime Team is investigating and has urged the impersonator to come forward.

Jul 13, 20264 min read0 reactions0 comments
A
Jul 13, 2026

APT-C-60 Abuses GitHub, Proton Drive to Deliver SpyGlace

The threat group APT-C-60 is continuing its cyber-espionage campaigns against organizations in Japan, employing updated tactics to deliver the 'SpyGlace' malware. According to JPCERT/CC, the attackers are abusing a chain of legitimate online services—including Proton Drive, jsDelivr, GitHub, GitLab, and Codeberg—to host and retrieve malicious components. This 'living off the trusted service' approach helps the attackers evade network-based detection by blending their traffic with legitimate developer and cloud service activity. The campaign begins with spear-phishing and uses a multi-stage infection process to deploy the final SpyGlace payload.

Jul 13, 20264 min read0 reactions0 comments
A
Jul 12, 2026

Australian Cyber Security Centre Issues Alert on Mass Exploitation of CMS Vulnerabilities

The Australian Cyber Security Centre (ACSC) has issued a high-priority alert about a large-scale global campaign exploiting at least 17 known vulnerabilities in popular Content Management Systems (CMS) like WordPress and Joomla, and their plugins. Attackers are actively scanning for and exploiting these unpatched flaws to deploy webshells, enabling persistent access for data theft, malware distribution, and further network compromise. The ACSC urges all organizations to patch their systems immediately and inspect for signs of compromise.

Jul 12, 20264 min read0 reactions0 comments
K
Jul 18, 2026

Kenyan Presidential Website Compromised in Cyberattack

The official website of Kenyan President William Ruto was compromised in a cyberattack on July 18, 2026. The government confirmed the incident and temporarily restricted access to conduct an investigation. While officials stated there is no evidence of sensitive data theft, reports indicate the attackers defaced the site and demanded a ransom of five bitcoins (approximately $320,000 USD). The attack highlights the increasing cyber threats facing Kenya's digital infrastructure.

Jul 18, 20263 min read0 reactions0 comments
F
Jul 18, 2026

Fairlife Production Suspended Following Ransomware Incident

Fairlife, a dairy subsidiary of The Coca-Cola Company, has temporarily suspended its U.S. production operations following a ransomware attack. The incident compromised production-related systems, forcing an immediate shutdown to contain the threat. This attack underscores a growing trend of cybercriminals targeting the food and agriculture sector, which has seen a significant increase in both opportunistic and targeted attacks throughout 2026. Law enforcement has been notified, and an investigation is underway to determine the scope and origin of the attack.

Jul 18, 20263 min read0 reactions0 comments
C
Jul 18, 2026

CISA KEV Catalog Adds SharePoint RCE Flaw CVE-2026-58644

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SharePoint Server vulnerability, CVE-2026-58644, to its Known Exploited Vulnerabilities (KEV) catalog. The 9.8 CVSS RCE flaw is being actively exploited as a zero-day. CISA has mandated that federal agencies apply patches by July 19, 2026, and warns that attackers are chaining it with three other SharePoint flaws for full server compromise. All organizations with on-premises SharePoint servers are urged to patch immediately.

Jul 18, 20263 min read0 reactions0 comments
C
Jul 17, 2026

CISA KEV: Oracle E-Business Suite Flaw CVE-2026-46817

CISA has added CVE-2026-46817, a critical improper privilege management vulnerability in Oracle E-Business Suite, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, rated 9.8 CVSS, allows a remote, unauthenticated attacker to completely take over the Oracle Payments module. Due to evidence of active exploitation, CISA has mandated an aggressive three-day patching deadline of July 18, 2026, for federal agencies. The vulnerability affects EBS versions 12.2.3 through 12.2.15 and was originally patched in Oracle's May 2026 update. Organizations are urged to patch immediately to prevent exposure of sensitive financial data.

Jul 17, 20264 min read0 reactions0 comments
N
Jul 17, 2026

Nichirei Cyberattack Disrupts Japanese Food Supply Chain

Japanese logistics giant Nichirei Corporation suffered a major cyberattack, causing significant disruption to the nation's food supply chain. The attack, detected on July 13, forced the company to halt operations at its refrigerated warehouses, impacting major clients like KFC Japan, which warned of potential store closures. The shutdown also affected retailer Aeon and restaurant operator Colowide. Nichirei, Japan's largest cold-chain operator, has since begun a phased resumption of services. The company has not disclosed the nature of the attack but confirmed some servers contained personal information.

Jul 17, 20264 min read0 reactions0 comments
F
Jul 17, 2026

Fairlife Halts Production After Ransomware Attack

Fairlife, a dairy subsidiary of The Coca-Cola Company, has suspended all U.S. production after a ransomware attack compromised its IT and operational technology networks. The breach was detected on July 16, 2026, leading to an immediate shutdown of affected systems and the launch of an incident response investigation with external experts and law enforcement. While products currently in stores are deemed safe, the halt in production at plants across the U.S. could lead to product shortages. The identity of the threat actor and the full financial impact are not yet known.

Jul 17, 20264 min read0 reactions0 comments
C
Jul 17, 2026

CISA Adds SharePoint RCE CVE-2026-58644 to KEV Catalog

CISA has added CVE-2026-58644, a critical remote code execution (RCE) vulnerability in Microsoft SharePoint Server, to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, rated 9.8 CVSS, was exploited as a zero-day before a patch was available. It allows an authenticated attacker with 'Site Owner' privileges to execute arbitrary code. Microsoft addressed the issue in its July 14 Patch Tuesday update. CISA has mandated federal agencies to patch by July 19, 2026, and urges all organizations to update systems, enable AMSI, and hunt for signs of compromise.

Jul 17, 20264 min read0 reactions0 comments