# Today's Top Stories

July 17, 2026

  1. 1
    0
    BleepingComputer general Jul 16
    Coca-Cola says Fairlife ransomware attack halts US dairy production

    Coca-Cola's Fairlife dairy subsidiary suffered a ransomware attack that temporarily suspended all US dairy production operations. This represents a significant critical infrastructure impact, demonstrating ransomware's ability to disrupt physical food supply chains beyond traditional IT systems.

  2. 2
    0
    BleepingComputer general Jul 16
    Scattered Spider members behind TfL hack get five years in prison

    Owen Flowers (18) and Thalha Jubair (20), members of the Scattered Spider cybercrime collective, were each sentenced to 5.5 years at Woolwich Crown Court for the 2024 hack of Transport for London. The attack rendered 148 TfL systems inoperable, forced all 27,000 employees to reset passwords in-person, and caused losses estimated at £29 million.

  3. 3
    0
    BleepingComputer general Jul 16
    CISA orders feds to patch actively exploited Oracle flaw by Saturday

    CISA issued an emergency directive ordering federal agencies to patch a critical actively-exploited vulnerability in Oracle E-Business Suite by Saturday. The flaw is under active attack, and the tight patching deadline reflects the severity of ongoing exploitation against financial application infrastructure.

  4. 4
    0
    SecurityWeek general Jul 15
    CISA Urges Immediate Patching of Exploited SharePoint Vulnerabilities

    CISA is urging immediate patching of three actively exploited Microsoft SharePoint vulnerabilities, including two that were targeted as zero-days before patches were available. SharePoint's widespread deployment in enterprise environments makes unpatched instances high-value targets for initial access.

  5. 5
    0
    Ars Technica Security general Jul 15
    Windows 0-day drops the same day Microsoft releases record number of patches

    A Windows zero-day dubbed 'LegacyHive' (HiveLegacy) was publicly dropped on the same day Microsoft released its record-setting Patch Tuesday, July 2026. The researcher described it as a 'powerful primitive' with potential for further exploitation beyond its disclosed capability, and released a stripped PoC to limit immediate weaponization.

  6. 6
    0
    CyberScoop general Jul 15
    SonicWall customers under threat as attackers exploit 2 zero-days

    Attackers are actively chaining two SonicWall zero-day vulnerabilities, which were first exploited approximately three weeks before the vendor disclosed and patched them. The pre-patch exploitation window significantly increases risk for SonicWall customers who were unaware of ongoing attacks.

  7. 7
    0
    The Hacker News general Jul 15
    Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws

    Mozilla patched two critical Firefox vulnerabilities — CVE-2026-15718 (invalid pointer in WebAssembly) and CVE-2026-15719 (site isolation flaw in DOM Navigation) — with public exploit code already available for both. The same update cycle also addressed critical flaws in Chrome, Adobe, and VMware products.

  8. 8
    0
    The Hacker News general Jul 16
    Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

    Zoom patched CVE-2026-53412 (CVSS 9.8), an improper input validation flaw in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows that could enable unauthenticated account takeover. The critical severity score and broad product surface make immediate patching essential for enterprise environments.

  9. 9
    0
    BleepingComputer general Jul 16
    23andMe to pay $18 million in new genetics data breach settlement

    23andMe agreed to pay $18 million to settle a multistate enforcement action led by a coalition of 43 attorneys general stemming from the genetic data breach that exposed sensitive customer information. The settlement underscores growing state-level accountability for negligent handling of highly sensitive biometric and genetic data.

  10. 10
    0
    The Hacker News general Jul 16
    Daxin Resurfaces in Taiwan Alongside Stupig Pre-Login SYSTEM Backdoor

    The China-linked Daxin kernel-mode rootkit ('srt64.sys'), first documented by Symantec in March 2022, has resurfaced after four years inside a Taiwan manufacturing firm alongside a previously undocumented backdoor called Stupig that enables pre-login SYSTEM-level access. The reemergence of this advanced implant in critical manufacturing infrastructure signals continued Chinese APT interest in Taiwan's industrial sector.