Daily Digest

Joomla Zero-Days, AI Risks, and Global Cyber Sanctions Highlighted

Joomla Zero-Days, AI Risks, and Global Cyber Sanctions Highlighted

July 14, 2026
10 articles (9 new, 1 updated)
30 min read

Summary

This daily summary covers critical cybersecurity updates and new threats impacting organizations globally. CISA has issued an update on two actively exploited Joomla zero-day vulnerabilities, specifically detailing the patched version for the iCagenda extension (CVE-2026-48939) to mitigate remote code execution flaws. In Canada, financial regulators are warning banks about AI risks, citing Anthropic's Claude Mythos and its potential to accelerate vulnerability exploitation. The EU and UK have jointly sanctioned Russian GRU and FSB officers, attributing energy grid attacks to the FSB and targeting malware developers and disinformation entities.

Employee behavior remains a significant risk, with a WatchGuard report highlighting widespread "shadow AI" use and persistent password reuse, creating visibility gaps for businesses. ISC2 research indicates AI is increasing the need for human oversight in cybersecurity roles, with professionals spending more time validating AI outputs and facing accountability for AI errors.

Several data breaches have been disclosed: Ohio's Wildwood Surgical Center is notifying patients of a breach from June 2025 affecting sensitive health and financial data, with a significant delay in notification. The Akira ransomware group claims an attack on marketing firm Ironmark, threatening to release exfiltrated employee and corporate data. Estée Lauder has also reported a breach exposing Social Security numbers, financial details, and health information.

In enforcement actions, the U.S. Treasury has sanctioned VPN provider 1VPNS for facilitating ransomware attacks, alongside its administrator and a malware seller. Finally, the D1R ransomware group claims a supply chain attack on Bosch, leveraging information stolen from a prior compromise at Synopsys, underscoring the risks of interconnected technology ecosystems.

Filter by Category

New Articles (9)

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.