- Critical SSRF in SMA1000 Workplace interface, actively exploited
- High-severity post-auth code injection in SMA1000 Management Console, actively exploited
ThreatNoir Morning Brief — July 15
Morning Review in IT Security — July 15, 2026
The cybersecurity landscape faces significant pressure this morning as multiple critical vulnerabilities demand immediate attention from organizations worldwide. Today's briefing covers active zero-day exploitations, a record-breaking patch release from Microsoft, and urgent security updates across enterprise infrastructure platforms.
SonicWall Warns of SMA1000 Flaws Exploited in Zero-Day Attacks
SonicWall has issued an urgent warning regarding two actively exploited vulnerabilities affecting its SMA1000 secure mobile access appliances. The vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, are currently being leveraged by threat actors in zero-day attacks against customer environments. Source: SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
The company has released security updates to remediate these flaws and is urging all customers to deploy patches immediately. Organizations operating SMA1000 appliances should prioritize this update to prevent unauthorized access and potential lateral movement within their networks.
Microsoft and Adobe Patch Tuesday, July 2026 Security Update Review
Microsoft's July 2026 Patch Tuesday represents a significant security event, delivering updates across a broad range of products and services. The monthly release addresses multiple vulnerabilities that pose substantial risks to enterprise environments, with attackers actively targeting unpatched systems. Source: Microsoft and Adobe Patch Tuesday, July 2026 Security Update Review
This release encompasses updates for 570 Microsoft vulnerabilities and 89 Adobe vulnerabilities, underscoring the scale of the security challenges facing organizations. Timely deployment of these updates remains one of the most effective defenses against exploitation in enterprise environments.
Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
Microsoft has released patches for a record 622 vulnerabilities this month, including two zero-day flaws that have already been exploited in active attacks. The exploited vulnerabilities affect Active Directory and SharePoint Server, critical components of Microsoft infrastructure. Source: Microsoft Patches Record 622 Vulnerabilities, Including Two Exploited Zero-Days
Additionally, a publicly disclosed BitLocker bug has been patched as part of this comprehensive update cycle. The sheer volume of vulnerabilities addressed in this release reflects the complexity of the modern threat landscape and underscores the importance of rapid patch deployment across all Microsoft products in enterprise networks.
Progress Confirms ShareFile Zero-Day Flaw Behind Storage Zone Shutdown
Progress Software has confirmed that a high-severity zero-day vulnerability was responsible for the emergency shutdown of ShareFile Storage Zone Controllers announced last week. The company has released security updates to address the flaw and restore service availability. Source: Progress confirms ShareFile zero-day flaw behind Storage Zone shutdown
Organizations relying on ShareFile for document management and collaboration should prioritize the installation of these patches to prevent potential unauthorized access to sensitive data stored within their Storage Zone Controllers.
Closing Perspective
Today's security briefing reflects an exceptionally active threat environment with multiple zero-day exploitations occurring simultaneously across different vendors. Organizations must adopt an aggressive patching strategy, prioritizing the critical updates from SonicWall, Microsoft, and Progress Software to maintain operational security and protect against active threats.
Sources & IOCs
Source articles and extracted indicators (defanged where appropriate).
- Windows BitLocker Security Feature Bypass Vulnerability
- Active Directory Federation Services Elevation of Privilege Vulnerability
- Critical flaw in SharePoint
- XSS vulnerability in Exchange Server
- Remote code execution bug in Remote Desktop Protocol
- Exploited Active Directory flaw affecting Federation Services
- Remote code execution bug in Windows Server Network driver
- Remote code execution bug in Minecraft Bedrock Dedicated Server
- Remote code execution bug in Windows Server DHCP Server
- Exploited SharePoint Server flaw leading to privilege escalation
- BitLocker security feature bypass issue
- Critical flaw in Windows VMSwitch