eastbaycyber

Palo Alto Exploited, Chrome Zero-Day Patched, and Three Critical CVEs

Threat digests 11 min read
EC
East Bay Cyber Editorial Team Reviewed 2026-07-09
Week of 9 JUL 2026

TL;DR - Major themes today: large-scale breach disclosures, active exploitation, developer supply-chain risk, and multiple critical CVEs. - Defenders should prioritize internet-facing apps, WordPress plugins, AI tooling, and user-targeted Microsoft 365 controls. - Urgency is high where exploitation or unauthenticated abuse is already reported.

Top Stories

1) AssuranceAmerica breach exposes records of 6.9 million drivers

AssuranceAmerica disclosed a breach affecting nearly 7 million drivers after attackers accessed company systems earlier this year, according to BleepingComputer (source).

So what?
This is another reminder that insurance-sector data remains high-value due to the mix of PII, policy details, claims data, and identity attributes useful for fraud and follow-on phishing.

What defenders should do next - Review whether your organization exchanges data with insurers, brokers, or claims processors. - Watch for secondary fraud targeting employees or customers using stolen identity data. - Update breach-response playbooks for third-party incident notifications and downstream customer communications. - Hunt for abnormal access to file shares, claims systems, and customer databases if you operate in a similar sector.

2) Microsoft patches Defender zero-day “RoguePlanet”

Microsoft released a patch for a Defender zero-day called “RoguePlanet,” disclosed after the June 2026 Patch Tuesday, per BleepingComputer (source).

So what?
A security tool vulnerability is especially sensitive because affected software often runs broadly across endpoints and servers. Even if exploitation details are limited publicly, patching lag here increases operational risk.

What defenders should do next - Validate Microsoft Defender version coverage across endpoints and servers. - Expedite deployment to high-value assets and exposed admin workstations first. - Confirm EDR telemetry health after patch rollout. - Review detection content for post-exploitation activity in case the zero-day was used before patching.

3) Mount Royal University confirms breach after hacker claims

Mount Royal University confirmed attackers stole and deleted data from file storage systems after a network breach, according to BleepingComputer (source).

So what?
The combination of theft and destructive action matters. Universities remain attractive targets due to decentralized IT, mixed device trust levels, research data, and broad email exposure.

What defenders should do next - Verify backup immutability and restoration procedures for file storage and collaboration platforms. - Tighten privileged access around storage administration and identity systems. - Monitor for large archive creation, unusual SMB activity, mass deletes, and suspicious use of remote administration tools.

4) Fake Paysafe and Skrill SDKs on npm and PyPI steal credentials

Malicious packages on npm and PyPI impersonated Paysafe, Skrill, and Neteller SDKs and delivered credential-stealing malware, BleepingComputer reported (source).

So what?
This is a direct developer supply-chain threat. SMBs and startups are especially exposed because they often trust package ecosystems without strict internal mirroring, package allowlists, or artifact review.

What defenders should do next - Audit recent package installs in CI/CD and developer environments. - Compare package names against official vendor documentation before installing. - Enforce package pinning, lockfiles, and internal registries where possible. - Rotate credentials used on systems where suspicious packages were installed.

5) Roundcube flaw exploited to target academic researchers

A China-linked cluster reportedly exploited vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoors, according to BleepingComputer (source).

So what?
This is important beyond higher education. Any self-hosted webmail exposed to the internet becomes a durable persistence point and a credential collection source.

What defenders should do next - Identify all externally reachable Roundcube instances and patch immediately. - Inspect mail server logs for unusual session patterns, admin logins, and webshell indicators. - Force credential resets where compromise is suspected. - Review mailbox forwarding rules and OAuth app grants if integrated with broader identity systems.

6) Entra passkey enrollment vishing targets Microsoft 365 users

A threat actor is using voice phishing to trick Microsoft 365 users into enrolling a new Entra passkey, BleepingComputer reported (source).

So what?
This shows attackers adapting to MFA and passkey workflows instead of simply stealing passwords. Help desks and end users may trust requests framed as urgent account recovery or security onboarding.

What defenders should do next - Require verified help-desk workflows for credential or passkey changes. - Alert users that IT will not request ad hoc passkey enrollment by phone. - Monitor Entra audit logs for new authentication method registration events. - Restrict who can register or reset strong authentication methods without secondary approval.

7) Questions raised around offensive cybersecurity startup

KrebsOnSecurity published reporting on an offensive cybersecurity startup tied to controversial operators and zero-day acquisition claims (source).

So what?
This is more governance and vendor-risk than exploit-response, but it matters. Security buyers should scrutinize any organization brokering offensive capabilities, exploit intelligence, or vulnerability acquisition.

What defenders should do next - Reassess due diligence for threat intel, exploit brokerage, and security testing vendors. - Validate legal, reputational, and procurement controls before engaging firms in gray-market adjacent services. - Ensure your vendor review process covers beneficial ownership, sanctions screening, and public-risk checks.

8) CISA orders federal agencies to prioritize Langflow auth bypass patching

CISA directed federal agencies to patch an actively exploited Langflow authentication bypass flaw on an accelerated timeline, per BleepingComputer (source).

So what?
If you are experimenting with AI agent frameworks, assume attackers are scanning for them. Internal-only deployment is not a safe assumption when dev tools are often exposed for convenience.

What defenders should do next - Inventory all Langflow deployments, including test and shadow IT instances. - Remove public exposure where not strictly necessary. - Patch on an emergency basis if deployed. - Review reverse proxy logs and admin access patterns for signs of exploitation.

Critical Vulnerabilities

CVE-2026-58480: Blocksy Companion Pro unauthenticated file upload

Severity: CVSS 9.8
Affected software: Blocksy Companion Pro plugin for WordPress before 2.1.47
Reference: Patchstack advisory (source), WordPress plugin page (source), VulnCheck (source), Wordfence (source)

The plugin flaw allows unauthenticated arbitrary file upload, potentially leading to remote code execution by abusing extension validation with double extensions such as shell.woff2.php.

Why it matters - Unauthenticated attack path - Common WordPress deployment patterns - Likely to attract rapid scanning and opportunistic exploitation

Immediate actions - Update Blocksy Companion Pro to 2.1.47 or later. - Inspect upload directories for unexpected PHP files. - Review web server logs for suspicious POST requests tied to review or attachment endpoints. - Disable the vulnerable feature temporarily if immediate patching is not possible.

Technical Notes

Check for recently uploaded PHP files in WordPress content paths:

find /var/www/html/wp-content -type f \( -name "*.php" -o -name "*.phtml" \) -mtime -7

Search web logs for suspicious uploads:

grep -Ei "POST .*blocksy|save_attachments|blc_review_images" /var/log/nginx/access.log

Example hardening snippet to block PHP execution in uploads on Apache:

<Directory "/var/www/html/wp-content/uploads">
    php_admin_flag engine off
    <FilesMatch "\.php$">
        Require all denied
    </FilesMatch>
</Directory>

CVE-2026-15062: Snowflake Snowpark Python SDK SQL injection

Severity: CVSS 9.6
Affected software: snowpark-python versions prior to 1.53.0
Reference: Snowflake changelog (source)

This vulnerability affects the Snowpark Python SDK and could allow authenticated low-privilege users to execute SQL outside intended authorization boundaries through multiple injection paths.

Why it matters - Impacts data workflows and ETL-style pipelines - Can turn low-privilege access into broader data exposure - Risk is elevated in shared analytics environments and automation-heavy pipelines

Immediate actions - Upgrade to version 1.53.0 or later. - Review code using DataFrameReader.dbapi(), DataFrameWriter location parameters, and to_csv(). - Audit database activity for unexpected COPY INTO, source-query manipulation, or unusual export paths. - Revisit privilege boundaries for service accounts running Snowpark jobs.

Technical Notes

Identify installed version:

python -c "import snowflake.snowpark; print(snowflake.snowpark.__version__)"

Upgrade safely:

pip install --upgrade "snowflake-snowpark-python>=1.53.0"

Search application code for potentially affected APIs:

grep -R "DataFrameReader\.dbapi\|to_csv\|COPY INTO\|normalize_path" ./src ./jobs ./notebooks

CVE-2026-59702: repomix SSRF via /api/pack

Severity: CVSS 9.3
Affected software: repomix
Reference: Fix commit (source), project repository (source), issue discussion (source), VulnCheck (source)

An unauthenticated SSRF in POST /api/pack allows arbitrary outbound requests because repository URLs were not properly validated before being passed to git clone. The issue can expose internal services, metadata endpoints, or local files.

Why it matters - Unauthenticated SSRF is often a bridge to cloud metadata theft and lateral discovery - AI and developer tooling frequently runs with broad network reach - Internal service exposure can be difficult to detect without egress monitoring

Immediate actions - Patch to the fixed version indicated by the upstream project. - Block access to repomix from untrusted networks. - Restrict outbound connectivity from the host or container. - Specifically block access to cloud metadata IPs from application workloads where possible.

Technical Notes

Example egress control for Linux hosts to block common metadata access:

iptables -A OUTPUT -d 169.254.169.254 -j REJECT

Hunt for suspicious clone attempts or URL schemes:

grep -Ei "POST /api/pack|file://|169\.254\.169\.254|http://|https://" /var/log/* 2>/dev/null

Example reverse proxy restriction:

location /api/pack {
    allow 10.0.0.0/8;
    deny all;
    proxy_pass http://repomix_backend;
}

Additional notable critical CVEs

CVE-2026-8307: SQL injection in Mediküm Web

Severity: CVSS 9.8
Reference: Turkish advisory (source)

A SQL injection vulnerability affects Mediküm Web through the noted version range. The advisory also notes the product is not supported.

Defender takeaway - If this product exists anywhere in your environment, isolation or replacement is more realistic than waiting for vendor remediation. - Add compensating controls such as WAF rules, IP restrictions, and network segmentation if immediate retirement is not possible.

CVE-2026-41042: Apache Gravitino testConnection code execution path

Severity: CVSS 9.1
Affected software: Apache Gravitino before 1.2.1
Reference: Apache advisory thread (source), oss-security post (source)

Unauthenticated callers may be able to supply a malicious H2 JDBC URL through the testConnection API, leading to arbitrary Java code execution via H2’s INIT parameter.

Defender takeaway - Upgrade to 1.2.1. - Restrict exposure of admin and test connection APIs. - Even where severity is context-dependent, unauthenticated code execution paths deserve urgent review.

What Defenders Should Do Today

1) Patch the highest-risk issues first

Use a simple order of operations: 1. Internet-facing apps with unauthenticated exploit paths 2. Actively exploited products 3. Identity and collaboration systems 4. Developer tooling and package ecosystems 5. Internal analytics and data pipeline components

A practical priority list from today’s news: - Blocksy Companion Pro - Langflow deployments - Roundcube instances - Microsoft Defender zero-day patch coverage - repomix exposure - Snowpark Python SDK updates

2) Review identity workflows, not just passwords

The Entra passkey vishing activity shows that user education must include: - passkey registration scams - MFA method reset abuse - help-desk impersonation - urgent phone-based requests framed as security work

Technical Notes

For Microsoft 365 and Entra environments, review authentication method changes and suspicious enrollments:

# Example starting point for admins using Microsoft Graph tooling
# Review recent authentication method registration and reset events in audit logs

If you centralize identity logs in SIEM, hunt for: - new passkey registrations outside business hours - multiple registration attempts across users from the same source - help-desk linked changes followed by suspicious sign-ins

3) Tighten monitoring for webmail, WordPress, and dev platforms

Today’s stories reinforce a common pattern: attackers go where exposure, weak change control, and user trust intersect.

Focus detections on: - unusual file uploads to web applications - execution from uploads directories - suspicious outbound requests from internal tools - package manager installs from unapproved sources - large-scale mailbox or file access followed by deletion activity

Technical Notes

Sample high-signal webshell and suspicious upload hunt:

find /var/www -type f \( -name "*.php" -o -name "*.jsp" -o -name "*.aspx" \) -mtime -3
grep -R "eval(base64_decode|system(|shell_exec(|cmd\.exe|powershell" /var/www 2>/dev/null

Sample package-manager review on developer systems:

npm ls --all
pip list
grep -R "paysafe\|skrill\|neteller" ~/.npm ~/.cache/pip ./package*.json ./requirements*.txt 2>/dev/null

4) Rehearse third-party breach handling

The AssuranceAmerica incident is a good prompt to validate: - who owns third-party breach intake - how affected business units are notified - whether legal, privacy, and customer support teams have current templates - how fraud monitoring is triggered after exposure of identity-rich datasets

Bottom Line

The most actionable themes for July 9 are straightforward:

  • Patch fast where unauthenticated exploitation could lead to code execution or SSRF.
  • Treat AI tooling and developer platforms as production-risk assets, not harmless internal utilities.
  • Expand identity awareness beyond passwords to passkeys and authentication method enrollment.
  • Expect breach fallout to continue long after disclosure through fraud, phishing, and credential attacks.

If your team only has bandwidth for a few actions today, start with exposed WordPress plugins, Roundcube, Langflow, repomix, and any unmanaged authentication workflow that allows users to be socially engineered into registering attacker-controlled access.

This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you.

Last verified: 2026-07-09

Disclaimer: This article may contain affiliate links. We earn a commission on qualifying purchases at no extra cost to you.