17 Jul Security Report – 17 Jul 2026
Recent Breaches
Australian – Australian businesses – Technology
Exploit: Misconfiguration
Risk to Business: Moderate: According to the ACSC, a widespread exploitation campaign is targeting CMS platforms and their plugins globally, with numerous Australian businesses already affected. Threat actors are deploying webshells on compromised websites, potentially leading to service disruptions, data theft and further network compromise. The campaign targets platforms including WordPress, Craft CMS, MaxSite CMS, MetInfo CMS and Joomla JCE, as well as plugins such as Simple File List, WavePlayer, Ninja Forms and Craft CMS. Reports suggest the campaign may be accelerated by AI, enabling threat actors to identify vulnerable systems and scale their attacks more effectively.
Europe – European Union – Government & Public Sector
Exploit: Nation-State
Risk to Business: Moderate: The European Union (EU) and its member states have publicly denounced a Russia-linked malicious cyber ecosystem that has been targeting organisations across the EU for years. The EU has accused Russia’s Federal Security Service (FSB) of directing several cyberthreat groups, including TURLA, to conduct cyber operations against EU member states and international partners. The alleged activities include infiltrating government networks and sabotaging critical infrastructure. Countries reportedly targeted include France, Germany, Poland, Cyprus, the Netherlands, Austria, Slovakia, Romania and Finland. According to the EU, the group has conducted cyber espionage against strategic French government entities since 2010 and targeted the country’s defense industry in 2025. In Germany, it has focused on government organisations, while in Poland, it has recently carried out disruptive sabotage operations against critical infrastructure, including combined heating and power plants.
Talk to a TCT team member today about automation for your business.
Robert Brown
17/7/2026
Related Articles:
Bad Onboarding Causes Messy Offboarding
M365 Settings Worth Checking