Security experts have identified multiple zero-day vulnerabilities being actively exploited by hackers across different enterprise software platforms. A zero-day attack targets a flaw that software makers didn't know about before attackers started using it.
SonicWall, a company that makes network security devices, discovered serious problems in their SMA1000 remote access systems. These vulnerabilities are already being exploited by hackers in real-world attacks. One of the flaws is particularly dangerous because it could allow attackers to run administrator commands on affected systems. SonicWall has released security patches and is warning customers to install them immediately.
Additionally, security flaws have been found in popular Joomla website components called iCagenda and Balbooa Forms. Evidence suggests these vulnerabilities are also being actively exploited by attackers, making them serious threats to websites using these tools.
Microsoft also announced critical security problems in SharePoint, its popular business collaboration platform. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings urging system administrators to apply patches for these actively exploited flaws right away.
In July 2026, Microsoft's regular monthly security update, called Patch Tuesday, addressed an unusually large number of vulnerabilities. The update fixed 570 separate security flaws across Microsoft products, including three zero-day vulnerabilities that were already being exploited by attackers.
These discoveries highlight a growing trend of attackers finding and using unknown security flaws before software companies can fix them. Zero-day attacks are particularly dangerous because companies have no advance warning and cannot protect users until they create and release patches.
Security experts recommend that businesses and organizations take several important steps. First, they should apply all available security patches to their systems as soon as possible. Second, they should monitor their networks for suspicious activity that might indicate a breach. Third, they should make sure their security tools and defenses are up to date.
For home users, keeping software updated through automatic updates is the best defense against these types of attacks. Users should enable automatic updates whenever available on their computers, phones, and other devices. If automatic updates aren't available, checking manufacturers' websites regularly for new patches is important for staying protected.