Daily Digest

July 2026 Cybersecurity: Patch Tuesday, Supply Chain Attacks, and New Botnets

July 2026 Cybersecurity: Patch Tuesday, Supply Chain Attacks, and New Botnets

July 15, 2026
4 articles (4 new)
12 min read

Summary

Microsoft's July 2026 Patch Tuesday addresses over 570 vulnerabilities, including two zero-day flaws actively exploited in the wild. These zero-days, affecting Active Directory Federation Services (CVE-2026-56155) and SharePoint Server (CVE-2026-56164), have been added to CISA's Known Exploited Vulnerabilities catalog, necessitating urgent patching for federal agencies and all organizations. The update also includes fixes for numerous critical Remote Code Execution (RCE) vulnerabilities.

A sophisticated supply chain attack has compromised several official AsyncAPI npm packages. Attackers leveraged the project's CI/CD pipeline to publish malicious versions containing the Miasma RAT, a payload targeting Windows, macOS, and Linux systems. This attack bypassed typical defenses by utilizing valid npm OIDC provenance attestations, underscoring risks in modern software development workflows.

Separately, a phishing campaign known as 'SeasonalInvite' is using fake eCard invitations to trick users into installing legitimate Remote Monitoring and Management (RMM) tools like ConnectWise, LogMeIn, and Kaseya. This tactic allows attackers to gain persistent remote access to Windows and macOS systems, evading traditional antivirus defenses and enabling further malicious activities.

Finally, researchers have identified TuxBot v3 Evolution, a modular IoT botnet framework partially developed with LLM assistance. Derived from existing botnet families, it targets IoT devices for DDoS attacks, primarily through brute-forcing Telnet credentials. While some LLM-assisted components are non-functional, the core infection and DDoS capabilities are operational, indicating an evolving threat to IoT device security.

Filter by Category

New Articles (4)

📢 Share This Publication

Help others stay informed about cybersecurity threats

📅 Daily Edition

Curated and deduplicated every day from dozens of trusted sources — giving you one clean, consolidated view of what matters in cybersecurity.

🔢 Deduplication Applied

Related stories are merged into a single evolving article rather than repeated as separate entries — cutting through noise so you only read what's new.

🔗 Full Articles Linked

Every entry links to its full enriched article — complete with MITRE ATT&CK mappings, extracted IOCs, and actionable detection and mitigation guidance.