# Today's Top Stories

July 16, 2026

  1. 1
    0
    BleepingComputer general Jul 14
    Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

    Microsoft's July 2026 Patch Tuesday is a record-breaking release covering 570 vulnerabilities, including two actively exploited zero-days in Active Directory and SharePoint Server, plus a publicly disclosed BitLocker flaw. The patch load nearly triples June's previous record, with Microsoft attributing the surge to AI-assisted vulnerability discovery. Security teams face an enormous triage burden with over 60 critical CVEs requiring immediate attention.

  2. 2
    0
    The Hacker News general Jul 15
    Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

    SonicWall disclosed two actively exploited zero-days in its SMA 1000 series appliances: CVE-2026-15409 (CVSS 10.0), a server-side request forgery flaw enabling unauthenticated remote command execution, and CVE-2026-15410. Researchers note the vulnerabilities were chained together and were exploited roughly three weeks before SonicWall disclosed and patched them, meaning defenders had no window to respond. SMA 1000 appliances are widely deployed as enterprise remote access gateways.

  3. 3
    0
    BleepingComputer general Jul 15
    CISA warns admins to patch actively exploited SharePoint flaws

    CISA issued an urgent warning that attackers are actively exploiting three vulnerabilities in on-premises Microsoft SharePoint Server, two of which were targeted as zero-days before patches were available. The advisory coincides with Microsoft's July 2026 Patch Tuesday and Progress Software confirming a separate zero-day behind a ShareFile Storage Zones Controller disruption. Organizations running internet-exposed SharePoint instances should treat patching as an emergency priority.

  4. 4
    0
    The Hacker News general Jul 15
    Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

    Hours after Microsoft's July Patch Tuesday, researcher Chaotic Eclipse (aka Nightmare-Eclipse) released a public PoC exploit dubbed LegacyHive targeting the Windows User Profile Service (ProfSvc), described as an arbitrary hive load elevation-of-privilege vulnerability. The exploit provides a powerful privilege escalation primitive, and the researcher warned it is likely capable of broader malicious actions beyond what was demonstrated. The simultaneous release of a PoC on Patch Tuesday significantly compresses the patching window for defenders.

  5. 5
    0
    Ars Technica Security general Jul 14
    Microsoft’s Secure Boot has been broken for a decade and no one noticed until now

    A decade-old Secure Boot blind spot has been uncovered: nearly a dozen vulnerable UEFI shim bootloaders that Microsoft failed to revoke remained trusted in the Secure Boot chain for years, giving attackers a reliable path to bypass Secure Boot protections on affected systems. The oversight affects devices across multiple vendors and underscores the critical importance of maintaining the UEFI revocation database. No patch can fully close the gap until the revocation lists are updated across the installed base.

  6. 6
    0
    BleepingComputer general Jul 15
    US charges alleged operators of Russian bulletproof hosting service

    U.S. federal prosecutors unsealed charges against three Russian nationals accused of operating bulletproof hosting services that sheltered ransomware gangs responsible for over $62 million in damages to victims worldwide. The defendants had already been sanctioned by the U.S. and allied governments prior to the criminal charges. The indictment is part of a broader DOJ effort targeting the Russian cybercrime infrastructure ecosystem.

  7. 7
    0
    Krebs on Security threat-intel Jul 14
    Microsoft Patches a Record 570 Security Flaws

    Microsoft patched at least 570 security vulnerabilities in its July 2026 Patch Tuesday — nearly triple the June record — with the company explicitly crediting AI-assisted vulnerability discovery for the surge. Krebs on Security reports the scale is unprecedented in Microsoft's patch history. The disclosure volume is straining enterprise patch management workflows and may signal a permanent shift in the cadence of vulnerability disclosure.

  8. 8
    0
    BleepingComputer general Jul 14
    New phishing kits target Microsoft 365 accounts, evade MFA

    Two newly identified phishing kits, Jalisco and OmegaLord, are actively targeting Microsoft 365 accounts using adversary-in-the-middle techniques to bypass multi-factor authentication. The kits intercept session tokens in real time, rendering standard MFA ineffective against credential theft. Their discovery reinforces findings from a separate Dark Reading report showing MFA was deployed but failed in 97% of credential-based ransomware attacks last year.

  9. 9
    0
    The Hacker News general Jul 15
    Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

    Four packages in the @asyncapi npm namespace — including @asyncapi/[email protected] and @asyncapi/specs versions 6.11.2 and 6.11.2-alpha.1 — were compromised in a supply chain attack delivering a multi-stage botnet loader, according to joint findings from OX Security, SafeDep, Socket, and StepSecurity. The AsyncAPI toolchain is widely used in event-driven API development, making downstream exposure significant for enterprise JavaScript/Node.js environments. Developers using these packages should audit their dependency trees and rotate any secrets accessible from affected build environments.

  10. 10
    0
    The Record threat-intel Jul 15
    23andMe reaches $18 million settlement with states for massive breach

    A coalition of 42 state attorneys general reached an $18 million settlement with 23andMe over cybersecurity failures tied to the company's massive genetic data breach. The settlement holds the company accountable for inadequate protection of highly sensitive biometric and health data belonging to millions of Americans. This multi-state enforcement action marks one of the most significant data breach settlements involving genetic information to date.