Summary
With threat actors accelerating their focus on widely used enterprise software, the pace of exploitations continues to rise, highlighting the urgency for swift vulnerability management across organizations. In July, a total of 20 vulnerabilities were added to the CISA's Known Exploited Vulnerabilities (KEV) catalog, with five of them actively exploited as zero-days.
Microsoft topped the list with three critical flaws, followed by two vulnerabilities from TeleMessage’s TM SGNL platform reportedly used by a former U.S. National Security Advisor. Cisco, SysAid, and Google each accounted for two high-impact entries, emphasizing the increasing threat posed to enterprise ecosystems across communication, infrastructure, and productivity platforms.
Meanwhile, ransomware activity remained persistent. Qilin, IncRansom, and Akira were among the most active groups this month. The most affected sectors included education, healthcare, and manufacturing, with attackers leveraging unpatched systems and VPN access to execute double extortion and data encryption operations.
Subscribe to our Newsletter
%20(1).png)
