Daily Recap, Microsoft’s record July Patch Tuesday delivered 622 fixes, including 2–3 actively exploited zero-days, alongside Windows 11 cumulative updates and an extended security update for Windows 10 as organizations rush to remediate. SAP, Adobe, and VMware pushed urgent high-severity patches, SonicWall warned SMA1000 flaws are being exploited as zero-days, CISA urged updates for actively exploited SharePoint issues, and security investigations targeted cybercrime infrastructure linked to ransomware enablers as phishing and malvertising campaigns continued to evolve. #Microsoft #Windows11 #Windows10 #SAP #Adobe #VMware #NetWeaver #ColdFusion #VMwareAvi #AviLoadBalancer #SonicWall #SMA1000 #SharePoint #ProgressShareFile #FirstVPN #ClickFix #LastPass #Bitwarden #Artlist #EDR #BindLink #NATO #GoldEagle
Patch Tuesday
- Microsoft released a massive 622-flaw July Patch Tuesday update, including 2–3 actively exploited zero-days, alongside new Windows 11 cumulative updates and an extended security update for Windows 10 as admins race to apply fixes. – Record Patch, Record Flaws, Mother of All, July Patch, Windows 11 Update, Windows 10 ESU
- SAP, Adobe, and VMware shipped urgent fixes for a CVSS 9.9 NetWeaver ABAP flaw, critical ColdFusion bugs, and 7 severe Avi Load Balancer vulnerabilities that could enable data exposure or modification. – SAP Flaw, ColdFusion Fix, VMware Fix
- SonicWall warned that SMA1000 flaws are being exploited as zero-days, urging immediate patching after similar urgent advisories surfaced for its SMA product line. – SMA Warning, SMA1000 Zero-Days
- CISA urged admins to patch actively exploited SharePoint vulnerabilities, while Progress ShareFile confirmed a zero-day was behind its Storage Zone shutdown. – SharePoint Alert, ShareFile Zero-Day
Threat Ops
- The US charged Russian individuals and firms linked to cybercrime services and bulletproof hosting, while also sanctioning First VPN and related enablers for supporting ransomware groups. – Cybercrime Services, Bulletproof Hosts, Indictment, VPN Sanctions
- Spanish police dismantled a €140 million cyber fraud ring, arresting 4 suspects, while Finland issued a wanted notice for the hacker behind the massive Vastaamo psychotherapy breach. – Fraud Ring, Vastaamo Hunt
Malware & Phishing
- Researchers found nearly 300 GitHub repos masquerading as legitimate software to distribute malware, highlighting a growing supply-chain style lure campaign. – Fake Repos
- A reported infostealer infection at Artlist evolved into a sophisticated ClickFix campaign, while LastPass and Bitwarden users were targeted with fake security alerts. – ClickFix Campaign, Fake Alerts
- A Windows bind-link attack technique can hide malware from EDR tools, weakening endpoint visibility for defenders. – Bind-Link Attack
Espionage & Infrastructure
- Russian intelligence is reportedly compromising cameras to monitor NATO logistics and Ukrainian troop movements, underscoring ongoing surveillance operations in Europe. – Camera Hacks
- The White House outlined a new Gold Eagle clearinghouse to coordinate responses to AI-driven cyber threats. – Gold Eagle
Platform & Device Issues
- Microsoft said some Dell PCs are shutting down after recent Windows updates, adding an operational issue to an already heavy patch cycle. – Dell Shutdowns
- A virtual Cloud & Data Security Summit was announced for today. – Cloud Summit