AI Security Digest
Aggregated ecosystem risk analysis
Vendor Watchlist
Tracking 0 critical integrations
Threat Stream Feed
Real-time security logs and system alerts
1Password - SaaS Manager Workflows are not running as expected
Jul 17, 14:57 EDT Resolved - This incident has been resolved. Jul 17, 14:52 EDT Monitoring - SaaS Manager customers with active workflows may have experienced a service degradation that prevented some workflows from running as scheduled. Our teams quickly identified the issue and implemented a fix. We are now monitoring the recovery to ensure services continue to return to normal.
Cloudflare - NRT (Tokyo) on 2026-07-17
Jul 17, 18:15 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 17, 18:05 UTC Scheduled - We will be performing scheduled maintenance in NRT (Tokyo) datacenter on 2026-07-17 between 18:15 and 21:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location,...
Cloudflare - Cache Reserve users may see increased write errors in the APAC region
Jul 17, 18:11 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 17, 18:06 UTC Investigating - We are investigating an increase in write errors for the R2 cache reserve service
DocuSign - Customers may experience errors loading PowerForms to sign envelopes (Incident 5417)
Jul 17, 17:54 UTC Resolved - The incident has been resolved. Incident duration and timelines are subject to revision pending the results of any related investigation. Jul 17, 17:46 UTC Identified - We have identified the issue and a fix is being implemented. Jul 17, 17:33 UTC Investigating - We are actively investigating this issue.
Supabase - Project Actions Failing Across Multiple Regions
Jul 17, 17:49 UTC Investigating - Certain project actions are failing. We are actively investigating to determine the regions impacted and source of the issue.
Cloudflare - Containers Logs Issues
Jul 17, 17:21 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 17, 16:40 UTC Investigating - A subset of Containers logs for Containers applications that are configured with 'observability.enabled: true' are getting dropped.
New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, and workflow builders that teams stand up fast and firewall late. The intel feed behind that counter
Cloudflare - KUL (Kuala Lumpur) on 2026-07-17
Jul 17, 17:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 17, 02:57 UTC Scheduled - We will be performing scheduled maintenance in KUL (Kuala Lumpur) datacenter on 2026-07-17 between 17:00 and 23:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this lo...
AWS - Service impact: Inaccurate Estimated Billing Data
We have identified the root cause and mitigated the underlying issue causing incorrect estimated cost and usage data to be displayed in the Billing and Cost Management Console, and Cost and Usage Reports. We have begun backfilling data to correct cost data for all customers. We expect some customers to begin seeing recovery within the next three hours, and full recovery for all customers by July 18 12:00 PM PDT. Until the backfill is complete, some customers may still see incorrect cost and usag...
MongoDB Atlas - MongoDB Atlas and Atlas for Government: New AWS Backup and AWS Data Transfer costs will be unavailable between July 17 and 20
Jul 17, 16:14 UTC Identified - Due to an ongoing incident with AWS's billing data, MongoDB Atlas and Atlas for Government will not be updating AWS network or backup consumption data over this weekend, 2026-07-17 through 2026-07-20. The products themselves will remain fully available. When the upstream issue has been resolved, we intend to display and bill for the correct amounts. Charges will have usage dates that correctly express the usage, but will have the billed date of when this is correc...
Cloudflare - POST requests not succeeding
Jul 17, 15:50 UTC Identified - The issue has been identified and a fix is being implemented. Jul 17, 15:06 UTC Update - We are continuing to investigate this issue. Jul 17, 15:02 UTC Investigating - Cloudflare is aware of and investigating an issue where some customers may be experiencing POST requests not reaching origin servers correctly. We are working to analyse and mitigate this problem. More updates to follow shortly.
Vercel - Increased invocation failures for Hobby Team functions
Jul 17, 15:19 UTC Resolved - This incident has been resolved.A subset of deployments created under the Hobby plan teams during Jul 17, 2026 10:18 - Jul 17, 2026 14:10 UTC were impacted by this incident. New deployments after this window are unaffected. Jul 17, 14:27 UTC Monitoring - We have deployed a fix and are continuing to monitor. Function invocations for new Hobby Team deployments should no longer fail. If you are still experiencing function invocation errors, redeploy or rollback to a ...
Cloudflare - Cloudflare Workers API Issues
Jul 17, 14:55 UTC Resolved - This incident has been resolved. Jul 17, 14:49 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 17, 14:34 UTC Investigating - Cloudflare is investigating issues when interacting with Workers API and Workers configuration in the dashboard. Customers might experience unexpected errors on Workers endpoints, particularly when deploying a script. Workers that are already running in production are not affected. More updates to follow ...
AWS - Service impact: Inaccurate Estimated Billing Data
We continue to work to resolve the issue affecting estimated cost and usage data displayed in the Billing and Cost Management Console, including the Cost and Usage Report. The rollback of a recent change did not resolve the issue and we are continuing to investigate multiple mitigation paths. Estimated bill updates remain paused. We are in the process of reverting to the last accurate estimated billing data. The displayed billing estimates do not reflect actual usage and charges. There are no cu...
AWS - Service impact: Inaccurate Estimated Billing Data
We continue to work on multiple mitigation paths in parallel to resolve the issue affecting estimated cost and usage data displayed in the Billing and Cost Management Console. We are evaluating resuming estimated billing computations, as our internal monitoring indicates the billing computation subsystem is now producing accurate estimates. We are conducting additional validation before proceeding with this path. The displayed billing estimates do not reflect actual usage and charges. There are ...
AWS - Service impact: Inaccurate Estimated Billing Data
We continue to work to resolve the issue affecting estimated cost and usage data displayed in the Billing and Cost Management Console. We are actively working on multiple mitigation paths in parallel. The first path involves reverting to the last known good estimated bill computation. With this approach, customers will only see cost and usage data through July 15, however the inflated cost data will be removed. The second path involves rolling back a recent change to the billing computation subs...
AWS - Service impact: Inaccurate Estimated Billing Data
We continue to work to resolve the issue affecting estimated cost and usage data displayed in the Billing and Cost Management Console. As previously shared, we have identified the root cause as an issue with unit pricing within the estimated billing computation subsystem. To prevent further inaccurate billing estimates from being displayed, we have paused estimated billing computations. Customers who are currently seeing normal bill estimates will continue to see those estimates, and customers w...
Cloudflare - Email Delivery Delays
Jul 17, 10:38 UTC Identified - The issue has been identified and a fix is being implemented. Jul 17, 10:10 UTC Investigating - Cloudflare is investigating a delay in our ability to send emails. This includes password reset, mFA token emails. We are working to resolve the issue. More updates to follow shortly.
New Relic - E2M (Events-2-Metrics) authorization issues
Jul 17, 10:21 UTC Resolved - Between 15:00 UTC on July 14th and 10:00 UTC on July 17th, we experienced an issue where some customers experienced authorization issues when attempting to create, read or update E2M (Events-2-Metrics) rules in the US, EU and JP regions. This was due to a recent change we have made to our authorization endpoints. These endpoints now require S2S authentication which has caused requests to our E2M (Events-2-Metrics) to fail. Our teams have rolled back these changes un...
AWS - Service impact: Inaccurate Estimated Billing Data
We continue to work to resolve the issue affecting estimated cost and usage data displayed in the Billing and Cost Management Console. We have identified the root cause as an issue with unit pricing within the estimated billing computation subsystem and we are working on a mitigation. The displayed billing estimates do not reflect actual usage and charges. There are no customer actions required at this time. Once the issue has been mitigated, we expect full resolution to take multiple hours as w...
Cloudflare - Network Performance Issues in Paris, France (CDG)
Jul 17, 09:25 UTC Update - We are continuing to investigate this issue. Jul 17, 08:51 UTC Investigating - Cloudflare is investigating issues with network performance in Paris, France (CDG). A subset of traffic transiting the Paris data center may observe slightly higher latency. We are working to analyse and mitigate this problem. More updates to follow shortly.
AWS - Service impact: Inaccurate Estimated Billing Data
Beginning on July 16 7:38 PM PDT, we began displaying incorrect estimated billing data in the Billing and Cost Management Console. Our engineering teams are engaged and investigating root cause. We will provide another update by 3:00 AM PDT or sooner if more information becomes available.
ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files
ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders. It gets in because someone pasted a command into a Run box and pressed Enter. Microsoft laid out two of the delivery chains on Thursday. Its Defender Experts team, the
AWS - Service impact: Inaccurate Estimated Billing Data
We are investigating issues with Cost Explorer reflecting inaccurate estimated billing data.
Cloudflare - SEA (Seattle) on 2026-07-17
Jul 17, 08:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 16, 21:45 UTC Scheduled - We will be performing scheduled maintenance in SEA (Seattle) datacenter on 2026-07-17 between 08:00 and 13:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this locatio...
Cloudflare - Network Performance Issues for AWS ap-northeast-1 region
Jul 17, 07:50 UTC Resolved - This incident has been resolved. Jul 17, 07:44 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 17, 07:36 UTC Identified - The issue has been identified and a fix is being implemented. Jul 17, 07:31 UTC Investigating - Cloudflare is investigating issues with Network Performance for customers using AWS ap-northeast-1 region. Customers may see increased latency and HTTP 5xx errors.We are working to analyze and mitigate this prob...
Cloudflare - CNI 2.0 issues in London
Jul 17, 05:47 UTC Investigating - Cloudflare is currently investigating issues related to CNI 2.0 in London. Customers utilizing CNI 2.0 through London (LHR) data center will experience a failure to send traffic over their CNI. We are working to mitigate impact to CNI customers. More updates to follow shortly.
Akamai - Application Load Balancer reporting availability issues
Jul 17, 04:45 UTC Update - We did not observe a recurrence, and the system looks stable. We continue to monitor to ensure that the impact has been fully mitigated. We will provide the next update as we make progress. Jul 16, 07:27 UTC Monitoring - We have implemented a fix for this issue as of 04:36 UTC on 16 July 2026; based on current observations, the service is resuming normal operations. Customers and partners can find more details on the Akamai Community: https://community.akamai.com/cu...
Cloudflare - Increased HTTP 500 Errors in Querétaro, Mexico
Jul 17, 01:42 UTC Resolved - This incident has been resolved. Jul 17, 01:26 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 17, 01:25 UTC Identified - Cloudflare is investigating an increased level of HTTP 500 errors in Querétaro, Mexico. We are working to analyse and mitigate this problem. More updates to follow shortly.
Cloudflare - IST (Istanbul) on 2026-07-17
THIS IS A SCHEDULED EVENT Jul 17, 01:00 - 14:00 UTC Jul 16, 10:32 UTC Scheduled - We will be performing scheduled maintenance in IST (Istanbul) datacenter on 2026-07-17 between 01:00 and 14:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traffic to fail over els...
Vercel - GitHub-linked deployments and authentication affected
Jul 16, 23:39 UTC Identified - We've identified an issue affecting deployments for projects linked to GitHub repositories, as well as GitHub login, signup, and account connections. CLI deployments and other sign-in methods are unaffected. We will share updates as they become available. Jul 16, 23:09 UTC Investigating - We are investigating elevated error rates for users logging in to Vercel using their GitHub account and connecting their GitHub accounts to Vercel. Login with email or other si...
Cloudflare - LHR (London) on 2026-07-16
Jul 16, 23:30 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 16, 22:37 UTC Scheduled - We will be performing scheduled maintenance in LHR (London) datacenter between 2026-07-16 23:30 and 2026-07-17 06:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this ...
Cloudflare - CDG (Paris) on 2026-07-16
THIS IS A SCHEDULED EVENT Jul 16, 23:00 UTC - Jul 17, 07:00 UTC Jul 15, 14:16 UTC Scheduled - We will be performing scheduled maintenance in CDG (Paris) datacenter between 2026-07-16 23:00 and 2026-07-17 07:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, please make sure you are expecting this traff...
GitHub - Degraded REST API Availability
Jul 16, 22:58 UTC Update - API Requests is experiencing degraded performance. We are continuing to investigate. Jul 16, 22:58 UTC Update - We are aware of degraded REST API availability and are investigating Jul 16, 22:51 UTC Investigating - We are investigating reports of impacted performance for some GitHub services.
Box - Issues with Box Edit and Microsoft Office Online
Jul 16, 14:48 PDT Resolved - After further monitoring, this incident is now considered resolved. Microsoft Office Online and Box Edit has been restored to full functionality. Jul 16, 14:47 PDT Monitoring - Our team has taken steps to remediate this issue and is seeing improvement for the Microsoft Online service and Box Edit. Jul 16, 14:45 PDT Identified - Our team has identified the underlying cause of this issue and is working to take remediating steps. Jul 16, 14:30 PDT Update - We are...
Cloudflare - Elevated Errors China Network
Jul 16, 21:47 UTC Investigating - We are investigating an issue with errors in China Network.
GitHub - Claude Fable 5 experiencing degraded performance
Jul 16, 21:06 UTC Update - We are experiencing degraded availability for the Claude Fable 5 model in Copilot products and IDE surfaces. This is due to an issue with an upstream model provider. While we work with them to resolve the issue, we recommend choosing another model or selecting 'Auto' to continue using Copilot. Jul 16, 21:05 UTC Investigating - We are investigating reports of degraded performance for Copilot AI Model Providers
Sentry - Github Integration Webhook processing delay
Jul 16, 21:06 UTC Identified - The issue is mitigated and the webhook backlog is being processed. Seer code reviews will run and linked Github issues and PRs will update incrementally.
Cloudflare - CNI 2.0 Experiencing Intermittent 5XX Errors
Jul 16, 19:47 UTC Monitoring - We have identified and applied a fix for this issue and are currently monitoring the results. Jul 16, 19:07 UTC Investigating - We are currently investigating an issue where customers may experience errors when attempting to view CNI 2.0 interconnections from the API or Dashboard. Data plane traffic is unaffected.
Cloudflare - EWR (Newark) on 2026-07-16
Jul 16, 19:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 16, 09:39 UTC Scheduled - We will be performing scheduled maintenance in EWR (Newark) datacenter between 2026-07-16 19:00 and 2026-07-17 00:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this ...
Cloudflare - BKK (Bangkok) on 2026-07-16
Jul 16, 18:30 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 16, 18:25 UTC Scheduled - We will be performing scheduled maintenance in BKK (Bangkok) datacenter on 2026-07-16 between 18:30 and 22:30 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this locatio...
Supabase - S3 endpoints for keys with special characters broken
Jul 16, 17:55 UTC Identified - We have identified an issue where S3 endpoints for keys with special characters will be broken. We are actively investigating the correct mitigation for this issue.
New Exploitable BOLA Found in Immich (self-hosted media platform)
Full disclosure I'm at Escape but wanted to share something we found that would be interesting to those here! Escape's security research team found a Broken Access Control flaw in Immich which let any user read photos in a locked folder without the required PIN. Immich is a self-hosted media platform with 100k+ stars on GitHub. Their "locked folder" hides sensitive assets behind a PIN-elevated se...
Cloudflare - KUL (Kuala Lumpur) on 2026-07-16
Jul 16, 17:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 16, 12:55 UTC Scheduled - We will be performing scheduled maintenance in KUL (Kuala Lumpur) datacenter on 2026-07-16 between 17:00 and 23:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this lo...
Cloudflare - Durable Objects Increased Errors
Jul 16, 16:53 UTC Update - We are continuing to work on a fix for this issue. Jul 16, 16:49 UTC Identified - The cause of this issue has been identified and a fix is being implemented. Jul 16, 16:44 UTC Update - Cloudflare is investigating issues causing an increase of errors for Durable Objects and downstream services in multiple regions (Europe and APAC). Jul 16, 16:43 UTC Update - We are continuing to investigate this issue. Jul 16, 16:39 UTC Investigating - Cloudflare is investigati...
DigitalOcean - Reserved IP routing in TOR1
Jul 16, 15:30 UTC Identified - Our Engineering team has identified the cause of the issue affecting Reserved IP routing in the TOR1 region, which was causing inbound and outbound traffic to and from Reserved IPs in TOR1 to fail.Detaching and reassigning the Reserved IP to the Droplet may restore connectivity in the meantime. We recommend trying this workaround if you are still experiencing issues with your Reserved IP in TOR1.Our engineering team is now working on implementing a fix. We will pr...
Cloudflare - PDX (Portland) on 2026-07-16
Jul 16, 15:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 15, 22:00 UTC Scheduled - We will be performing scheduled maintenance in PDX (Portland) datacenter on 2026-07-16 between 15:00 and 23:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this locati...
New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands
Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that's been spreading via websites infected with ClickFix lures since late April 2026. "The malware is full-featured, lightweight, and modular," Elastic Security Labs researcher Cyril François said in a technical report. "While the number of C2 [command-and-control] domains is currently small, the daily
GCP - RESOLVED: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 and ended at 2026-07-16 05:25 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services experienced a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer...
AWS - Service is operating normally: [RESOLVED] Increased 5xx Errors
Between 12:45 AM and 4:18 AM PDT, we experienced increased 5xx errors for CloudFront customers utilizing VPC Origins connectivity. Our engineers were automatically engaged and immediately began investigating the root cause. By 2:57 AM PDT, we identified the root cause of the issue as an internal constraint on the fleet that manages connections to private VPC origins. When this constraint was reached, the system responsible for distributing routing configuration to our network processors failed t...
NASA Core Flight System (cFS) Health & Safety (HS) Application
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to cause a denial-of-service condition. The following versions of NASA Core Flight System (cFS) Health & Safety (HS) Application are affected: Core Flight System (cFS) Health & Safety (HS) Application CVSS Vendor Equipment Vulnerabilities v3 7.5 NASA NASA Core Flight System (cFS) Health & Safety (HS) ...
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-25089 Fortinet FortiSandbox OS Command Injection Vulnerability CVE-2026-39808 Fortinet FortiSandbox OS Command Injection Vulnerability CVE-2026-58644 Microsoft SharePoint Deserialization of Untrusted Data Vulnerability These types of vulnerabilitie...
Cloudflare - Cloudflare Storage Maintenance
THIS IS A SCHEDULED EVENT Jul 16, 12:00 - 13:00 UTC Jul 6, 22:38 UTC Scheduled - Cloudflare has scheduled maintenance for our backend storage systems. Services will continue to operate normally, but customers will be unable to create/delete/modify Client-Side Security settings via the Dashboard or the public API for a period of up to 3 minutes.The following services will experience configuration and new connections limitations during this window:- Client-Side Security (Page Shield)
Cloudflare - Increase in errors for Zone Settings API
Jul 16, 11:57 UTC Resolved - This incident has been resolved. Jul 16, 11:46 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 16, 11:37 UTC Update - We are continuing to work on a fix for this issue. Jul 16, 11:22 UTC Identified - The issue has been identified and a fix is being implemented. Jul 16, 11:00 UTC Investigating - Cloudflare has identified issue causing an increase of errors for the Zone Settings API. We are working to analyse and mitigate thi...
AWS - Service impact: Increased 5xx Errors
We continue to see significant signs of recovery as a result of our mitigation efforts, with full recovery expected within the next 45 minutes.
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services experienced a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks posed by ...
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services experienced a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks posed by ...
New Agent Data Injection Attack Can Make AI Agents Misclick or Run Attacker Commands
Ask an AI agent to summarize the reviews on a product page, and a single planted review can make it click "Buy Now" instead. Ask a coding assistant to apply a maintainer's fix from a GitHub thread, and a fake comment can make it run a stranger's command on your computer. Neither trick hijacks the agent's task. Each one just corrupts the facts it trusts and lets it carry on with the job you
AWS - Service degradation: Increased 5xx Errors
We are seeing initial signs of recovery and continue to work toward full recovery.
AWS - Service degradation: Increased 5xx Errors
We continue working to resolve the increased 5xx errors for CloudFront customers utilizing VPC Origins connectivity. Customers utilizing other origin types remain unaffected by this issue. We have further scoped the issue down to routing table capacity within the packet processing subsystem responsible for routing requests from CloudFront's edge locations to resources within customer VPCs. We have identified and are currently testing a mitigation strategy to resolve the issue. Once testing is co...
AWS - Service degradation: Increased 5xx Errors
We continue working to resolve the increased 5xx errors for CloudFront customers utilizing VPC Origins connectivity. Customers utilizing other origin types remain unaffected by this issue. Based on our investigation, we believe the root cause is related to a packet processing subsystem responsible for routing requests from CloudFront's edge locations to resources within customer VPCs. We continue to recommend that customers who are able to do so temporarily change their origin type to resolve th...
GitHub - Disruption with some GitHub services
Jul 16, 09:30 UTC Monitoring - The degradation has been mitigated. We are monitoring to ensure stability. Jul 16, 09:13 UTC Investigating - We are investigating reports of impacted performance for some GitHub services.
Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide
Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext. A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums he
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services experienced a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks posed by ...
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services experienced a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks posed by ...
AWS - Service impact: Increased 5xx Errors
Starting at 12:45 AM PDT, we are experiencing increased 5xx errors for CloudFront customers utilizing VPC Origins connectivity. We have confirmed that customers utilizing other origin types are not impacted by this issue. Our engineers are engaged and are actively working to mitigate impact. As a workaround, customers who do not require VPC Origins can change their origin type to resolve the errors. We will provide another update by 3:15 AM PDT, or sooner if more information becomes available.
Rippling - Access denied
Jul 16, 09:00 UTC Resolved - Rippling displayed "Access denied" to some users accessing Rippling. The issue has been fully mitigated and the Rippling is fully operational again.
AWS - Service impact: Increased 5xx Errors
We are investigating increased 5xx errors for Cloudfront customers utilizing VPC Origins connectivity.
OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol
OpenAI has disclosed details of GPT-Red, an internal automated red-teaming model that scales prompt injection vulnerability discovery with an aim to fix issues before the tools are deployed widely. "GPT‑Red is a strong red-teamer, and our previous models are highly vulnerable to its prompt injection attacks," the artificial intelligence (AI) company said. "We use GPT‑Red to adversarially train
Vercel - SAML Single Sign-On (SSO) errors
Jul 16, 08:39 UTC Investigating - We are investigating SAML Single Sign-On (SSO) errors, leading to inability to login using SAML/SSO or access SSO-protected teams through the Vercel dashboard and CLI.
Cloudflare - Magic WAN / Magic Transit tunnel health alert delivery
Jul 16, 08:13 UTC Investigating - We are investigating an issue that may prevent some Magic WAN and Magic Transit tunnel health alert notifications from being delivered. Affected customers may not have received expected notifications for tunnel state changes during this period. Tunnel traffic and routing are not impacted — this issue is limited to alert notifications only.We have identified the likely cause and are working on a fix.
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks pose...
Zoom Patches Critical Windows Flaw That Could Enable Account Takeover
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412 (CVSS score: 9.8), affects Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. "Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for
Cloudflare - DFW (Dallas) on 2026-07-16
Jul 16, 07:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 14, 17:29 UTC Update - We will be performing scheduled maintenance in DFW (Dallas) datacenter on 2026-07-16 between 07:00 and 12:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location, p...
Supabase - Projects in stuck state in EU-CENTRAL-1 (Frankfurt)
Jul 16, 07:00 UTC Identified - Our infrastructure provider experienced a connectivity issue in the EU-CENTRAL-1 (Frankfurt) Region, between 4:11 PM PDT and 6:24 PM PDT, which has now been resolved. As a result of this incident, a number of Supabase projects were left in a stuck state. Our team is actively working through the list of impacted projects to restore normal functionality as quickly as possible.We will continue to provide updates as restoration work progresses.
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solution (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure. Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google proactively turned down workloads in order to protect customer data from any risks pose...
Vercel - Missing Build CPU Minutes Usage Data
Jul 16, 06:07 UTC Monitoring - We've identified an issue where some users may see missing Build CPU Minutes data on Usage pages in the Vercel Dashboard. The issue has been resolved, and we are backfilling the affected usage data.
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing temperature alerts in europe-west4-a.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing a service outage in europe-west4-a due to a cooling failure Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google has proactively turned down workloads in order to protect customer data from any risks...
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing temperature alerts in europe-west4-a.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing temperature alerts in europe-west4-a Description The datacenter serving europe-west4-a for GCVE, BMS, and NetApp has experienced a power failure, which subsequently caused a cooling failure. Google has proactively turned down workloads in order to protect customer data from any risks posed by running infras...
GCP - UPDATE: Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing temperature alerts in europe-west4-a.
Incident began at 2026-07-15 16:57 (all times are US/Pacific).Summary Google Cloud VMware Engine (GCVE), Google Cloud NetApp Volumes, and Bare Metal Solutions (BMS) services are experiencing temperature alerts in europe-west4-a. Description GCVE: Our engineering teams are currently working with data center facility teams to address the rising temperatures. A shutdown has already occurred for some private clouds, and we expect that others will shut down as well. We recommend shutting down your V...
DocuSign - Customers may experience errors executing workflows and uploading documents (Incident 5386)
Jul 16, 03:33 UTC Resolved - The incident has been resolved. Incident duration and timelines are subject to revision pending the results of any related investigation. Jul 16, 03:27 UTC Identified - We have identified the issue and a fix is being implemented. Jul 16, 03:27 UTC Investigating - We are actively investigating this issue.
AWS - Service is operating normally: [RESOLVED] Elevated connectivity issues with a single Avalability zone
Between 2:56 PM and 6:07 PM PDT, we experienced connectivity issues to a subset of EC2 instances in a single Availability Zone (euc1-az2) in the EU-CENTRAL-1 Region. During this time, customers may also have experienced increased error rates and latencies for new instance launches in the affected zone, along with some AWS APIs that use the affected EC2 instances. Some AWS Services also experienced connectivity issues and increased error rates within the affected zone. Engineers were automaticall...
Cloudflare - Cloudflare R2 Issues
Jul 16, 01:12 UTC Identified - Cloudflare is investigating elevated error rates affecting R2 and some services that depend on it, including Stream, Pipelines, and Log Explorer. Customers may have experienced increased errors reading or writing objects and delayed data processing. Impact was partially mitigated at approximately 21:52 UTC, and dependent services have recovered. A low level of R2 errors is still occurring, and we are actively working toward full resolution.
Cloudflare - MAD (Madrid) on 2026-07-16
Jul 16, 00:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 15, 02:14 UTC Scheduled - We will be performing scheduled maintenance in MAD (Madrid) datacenter on 2026-07-16 between 00:00 and 06:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location...
Zoom - Zoom Workforce Management Update: 7/15/2026 (No Operational Impact)
Jul 15, 17:00 PDT In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 14, 12:33 PDT Scheduled - We will be providing an update to Zoom Workforce Management. Please refer to https://support.zoom.com/hc/en/article?id=zm_kb&sysparm_article=KB0068337 for more details. This update includes the ability to import staffing data at the interval level.There is no operational impact. All services will be available during this scheduled update.
[CISA KEV] CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability
Product: FortiSandbox by Fortinet Description: Fortinet FortiSandbox contains an OS command injection vulnerability that could allow an unauthenticated attacker to execute unauthorized code or commands via crafted HTTP requests. Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
[CISA KEV] CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability
Product: FortiSandbox by Fortinet Description: Fortinet FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS contain an OS command injection vulnerability that allows an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP requests. Required Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
AWS - Service impact: Elevated connectivity issues with a single Avalability zone
We are seeing early signs of recovery and continue to work toward full resolution. We will continue to provide updates.
Vercel - Errors accessing teams that require 2FA
Jul 15, 23:34 UTC Resolved - This incident has been resolved. Jul 15, 23:16 UTC Monitoring - A fix has been implemented and services have recovered. We are continuing to monitor to ensure that the services remain stable. We will provide additional updates as they become available. Jul 15, 23:04 UTC Identified - We have identified an increase in erroneous 2FA (two-factor authentication) challenges and errors when accessing the Vercel dashboard and multiple API services for teams that require...
AWS - Service impact: Elevated connectivity issues with a single Avalability zone
We are investigating elevated connectivity issues with a single Avalability zone (euc1-az2) in the EU-CENTRAL-1 Region.
GHSA-9h85-g7w3-rh49: Render Vulnerability
ViewComponent: Reused Component Instances Retain Stale Render Context
Cloudflare - PDX (Portland) on 2026-07-15
Jul 15, 18:30 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 15, 18:14 UTC Scheduled - We will be performing scheduled maintenance in PDX (Portland) datacenter between 2026-07-15 18:30 and 2026-07-16 01:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in thi...
SendGrid - Delayed Processing for SendGrid Account Actions
Jul 15, 11:11 PDT Investigating - Starting around 10:09 AM PDT on July 15, 2026, our engineers began investigating an issue with account actions. Users may experience delays with account management tasks, such as password resets. This does not impact mail send. We will provide another update in 1 hour or as soon as more information becomes available.
File-Binding, Process-Binding, and Silo-Binding - new process impersonation techniques for EDR evasion
TL;DR: One documented Windows feature, the Bind Filter, gives an attacker who already holds local administrator rights three ways to make one file look like another to every path-based defense on the box. No vulnerable driver, no exploit. Bitdefender Labs named and documented all three: File-Binding, Process-Binding, and Silo-Binding: - File-Binding hijacks what a target loads or reads. Shadow the...
Cloudflare - Elevated errors in ENAM region
Jul 15, 15:45 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 15, 15:28 UTC Identified - The issue has been identified and a fix is being implemented. Jul 15, 15:22 UTC Investigating - Customers may experience elevated error rates in ENAM region
Cloudflare - Network Performance Issues in AMS
Jul 15, 14:53 UTC Monitoring - A fix has been implemented and we are monitoring the results. Jul 15, 14:19 UTC Identified - The issue has been identified and a fix is being implemented. Jul 15, 13:39 UTC Investigating - Cloudflare is investigating issues with network performance in Amsterdam. We are working to analyse and mitigate this problem. More updates to follow shortly.
KQL Queries for new Chaotic Eclipse Zero day 'Legacy Hive'
Literally after July 2026 Patch Tuesday, Chaotic Eclipse dropped a functional zero-day PoC called LegacyHive an arbitrary hive load Elevation of Privilege (EoP) vulnerability targeting the Windows User Profile Service (ProfSvc). Because the exploit works on fully patched systems by mounting targeted user hives into the current user's classes root, I've put together two KQL hunting queries for this...
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published. The vulnerabilities are listed below - CVE-2026-15718, an invalid pointer in the JavaScript: WebAssembly component CVE-2026-15719, a site isolation in the DOM: Navigation component "We are aware that exploit code for this is public, however we are not aware of
Cloudflare - Network Performance issues - Increased HTTP 502 Errors in HKG
Jul 15, 11:00 UTC Monitoring - Cloudflare is investigating an increased level of HTTP 502 errors originating from the Hong Kong datacenter. We are working to analyse and mitigate this problem. More updates to follow shortly.
Cloudflare - BOG (Bogotá) on 2026-07-15
Jul 15, 11:00 UTC In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary. Jul 15, 10:08 UTC Scheduled - We will be performing scheduled maintenance in BOG (Bogotá) datacenter on 2026-07-15 between 11:00 and 13:00 UTC.Traffic might be re-routed from this location, hence there is a possibility of a slight increase in latency during this maintenance window for end-users in the affected region. For PNI / CNI customers connecting with us in this location...