Progress Software disabled access to ShareFile accounts using on-premises Storage Zone Controllers due to a credible security threat, while a massive campaign dubbed FortiBleed has compromised roughly half of all internet-facing Fortinet firewalls globally.
NATO's 2026 Ankara summit placed AI security at the heart of alliance planning, raising urgent questions about autonomous systems, supply chain integrity, and the accountability of military AI as adversaries accelerate their own programmes.
SK Hynix has priced the biggest foreign listing in American history at $149 a share. The memory war we have tracked for a fortnight now has a market price. It reads as a verdict on who controls the inference economy.
Cyber Update: Progress ShareFile emergency and the FortiBleed compromise
Progress Software disabled access to ShareFile accounts using on-premises Storage Zone Controllers due to a credible security threat, while a massive campaign dubbed FortiBleed has compromised roughly half of all internet-facing Fortinet firewalls globally.
Enterprise perimeter tools remain under intense pressure this week. Progress Software has taken the extraordinary step of disabling access to ShareFile accounts that rely on on-premises Storage Zone Controllers. The vendor communicated a "credible external security threat" to customers on July 10, instructing them to manually shut down hosting servers.
Progress stated, "This is a critical additional step to ensure the safety of your data."
While the company reports no confirmed unauthorised access, the abrupt shutdown has disrupted file sharing globally. Security analysts suggest attackers may be chaining two vulnerabilities, CVE-2026-2699 and CVE-2026-2701, to achieve remote code execution on unpatched deployments.
Simultaneously, the scale of the FortiBleed campaign has become clear. A Russian speaking cybercriminal group has compromised 73,932 unique Fortinet firewall URLs across 194 countries. The attackers executed over a billion credential attempts, intercepting and cracking SSL VPN hashes offline.
The dataset reveals working credentials for some of the largest global enterprises, including major technology and consulting firms. Cybersecurity expert Kevin Beaumont noted that the leaked data explicitly categorises victims by company type, revenue, and country, which is a hallmark of eCrime syndicates packaging initial access for sale on the dark web.
Why Does It Matter?
For Australian organisations, these incidents highlight the fragility of legacy perimeters. Whether it is an emergency shutdown of a critical file sharing service or the silent compromise of a trusted firewall, the impact on operations is severe.
Boards must question the reliance on password complexity alone. As the FortiBleed campaign demonstrates, when attackers extract configuration files and crack hashes offline, even the strongest passwords offer no defence. The focus must shift to enforcing strict multi factor authentication on all external gateways and rapidly patching internet facing infrastructure before initial access brokers can commercialise the vulnerability.
Get the stories that matter to you. Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Sign up for Cyber News Centre
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead.
Apple is accelerating its security updates to outpace AI driven exploit development, releasing early patches for iOS and macOS, while a critical WinRAR vulnerability shows why legacy software remains a prime target for attackers.
Tata Electronics’ confirmed cyber incident underscores a sharper risk for global manufacturers: stolen supplier specifications and production data can expose valuable intellectual property, test customer trust and challenge India’s push to become a trusted alternative to China.
Five Eyes cyber agencies have warned leaders to act now as AI changes cyber risk, while Mackay Sugar’s ransomware disruption shows why Australian operators cannot treat resilience as a back-office issue.
AI agents are no longer side experiments. They are becoming live attack surface, carrying access to data, code and identity. For Australian businesses, the message is clear: adoption must be matched with control.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!