// DAILY INTELLIGENCE FEED · MSP & HELPDESK
ARCHIVEBLOGSUBSCRIBE FREE →
← back to archive
// ARCHIVED ISSUE

Wednesday, July 8, 2026

3 CRITICAL4 WARNING9 storiesin𝕏
// FROM THE FLOOR
RISK_LEVEL: 🔴 HIGH

Email your entire client list TODAY asking which systems run ColdFusion, which rely on Kerberos RC4 auth, and which haven't patched Defender — prioritize responses by business criticality and start remediation tomorrow.

// full analysis + daily context delivered to subscribers → subscribe free
☁️ M365/AZURE3 items
CRITICAL☁️ M365/Azure

July 14 Kerberos RC4 Hardening Enforcement Deadline — Authentication Failures Risk for Unprepared Orgs

The July 14, 2026 Kerberos RC4 hardening enforcement deadline is described as non-negotiable and will impact all domain-joined systems. Organisations that have not completed remediation will experience authentication failures and potentially significant business disruption on or after Patch Tuesday. MSPs should audit any remaining RC4-dependent configurations and apply relevant June/July updates before the deadline.

Read more →
CRITICAL☁️ M365/Azure

Microsoft Defender Elevation-of-Privilege CVE-2026-41091 Exploited in the Wild

CVE-2026-41091, an actively exploited Elevation of Privilege flaw in Microsoft Defender, allows an attacker to gain SYSTEM privileges and was included in the June 2026 Patch Tuesday. Microsoft has already pushed a remediated Malware Protection Engine (version 1.1.26040.8 or later) via automatic Defender updates. Verify the engine version under Settings → Privacy & Security → Windows Security → About to confirm protection.

Read more →
WARNING☁️ M365/Azure

Microsoft 365 Suffers Fifth Major Outage in Six Months — Email, Teams & Copilot Down 9+ Hours

Microsoft 365 has experienced its fifth significant cloud outage in six months, with the latest incident knocking email, Teams, and Copilot offline for more than nine hours. The pattern is attributed to Azure absorbing unprecedented AI workloads, with Microsoft having publicly committed tens of billions of dollars to AI infrastructure expansion in 2026. MSPs should ensure clients have an independent communication channel and a written outage playbook as a workaround during M365 unavailability.

Read more →
🔐 SECURITY1 item
CRITICAL🔐 Security

Adobe ColdFusion CVE-2026-48282 (CVSS 10.0) Exploited Within Hours of Disclosure

A path traversal vulnerability in Adobe ColdFusion tracked as CVE-2026-48282 came under active exploitation within hours of its public disclosure, with an attacker attempting to read sensitive Windows system files. Adobe has patched the issue in ColdFusion 2023 Update 21 and ColdFusion 2025 Update 10, and CISA has added it to the KEV catalog. Any internet-facing ColdFusion instance should be updated immediately; Adobe-hosted Campaign instances require no action.

Read more →
🔥 NETWORKING2 items
WARNING🔥 Networking

SonicWall SMA1000 SQL Injection CVE-2026-4112 Patched — Privilege Escalation to Primary Admin

SonicWall has patched four vulnerabilities in SMA1000 series firewalls including a high-severity SQL injection flaw (CVE-2026-4112) that allows an attacker with read-only admin credentials to escalate to primary administrator rights. Three additional issues enable SSL VPN credential enumeration and TOTP authentication bypass. SonicWall says no in-the-wild exploitation has been confirmed but urges immediate patching of all SMA1000 appliances.

Read more →
WARNING🔥 Networking

Fortinet Leads 2026 Firewall Vendors in Unauthenticated CVE Count — Eight Flaws Including Active Exploits

A mid-year analysis of vendor advisories and CISA KEV entries through June 2026 shows Fortinet has disclosed the most unauthenticated vulnerabilities of any firewall vendor, with eight across its portfolio and several under active exploitation including a notable 27-CVE April release. Palo Alto Networks had the most dangerous exploited flaws in the firewall OS itself, while Cisco demonstrated that a patched firewall is not necessarily a clean one. MSPs should track FortiGuard PSIRT and the CISA KEV catalog and treat any 'unauthenticated + internet-facing' advisory as a same-week emergency.

Read more →
🤖 AI/TOOLING1 item
INFO🤖 AI/Tooling

AI Hallucinations Are Breaking MSP Helpdesk Escalations — New Analysis (Published 7 July 2026)

A 7 July 2026 feature from ChannelPro/ITPro finds that AI-driven ticket routing tools trained on historical data rather than live endpoint state are generating incorrect diagnoses at escalation, with technicians identifying AI hallucinations in support recommendations as a systemic problem. L1 teams spend excessive time re-gathering context because RMM, PSA, and monitoring tools do not share a unified real-time endpoint record. The recommended fix is creating a single shared endpoint health record accessible across L1–L3 tiers before bolting on additional AI layers.

Read more →
📡 INDUSTRY2 items
WARNING📡 Industry

CISA KEV July 2026 Week 1: One New Actively Exploited CVE Added — SharePoint Visibility Gap a Cautionary Tale

CISA added one new KEV entry in the first week of July 2026 (CVE-2026-45659, SharePoint RCE), with the incident highlighting a broader process risk: Microsoft inadvertently omitted the CVE from its initial May Patch Tuesday release logs, leaving defenders unaware for days. The delayed advisory enabled a longer window for exploit development and is now associated with Storm-2603/Warlock ransomware. Australian MSPs should ensure their patch validation process cross-references CISA KEV additions, not just MSRC release notes.

Read more →
INFO📡 Industry

Inaugural CRN Channel Awards Australia 2026 Shortlist Announced — MSP and MSSP Categories Expanded

CRN Australia has announced the shortlist for the inaugural CRN Channel Awards Australia 2026, co-presented with the GTIA ANZ Spotlight Awards, spanning 29 categories across managed services, cybersecurity, cloud, AI, and channel leadership. Due to record application volumes, the MSP of the Year and Service Provider of the Year categories have been split by headcount to better represent the market. The awards night is scheduled for 17 September 2026 at the Hyatt Regency Sydney.

Read more →
Tuesday, July 7, 2026
// this lands in your inbox every weekday

This is what you get — every weekday, free.

Subscribers get the full “From the Floor” take with every issue — not just the news summary you just read.
Written from 12 years on the helpdesk floor. Always free.

// no spam · every weekday morning · unsubscribe anytime

LATESTARCHIVEBLOGSUBSCRIBE

// AI-assisted · always verify before acting · not professional security advice