IT Security News — July 18, 2026

cabaret, female duet harmonies, raw garage production, playful and bright, slow ballad, sweeping strings · 4:32

Listen on 93

Lyrics

[Verse 1]
July eighteenth, two-zero-two-six, headlines dropping like a brick
Ernst and Young is in the hot seat — third-party tickets did the trick
Someone's ticketing support system cracked wide at the seam
Corporate data spilling out like steam

Canvas went down across Ontario, students logged in, got a shock
U of T and OCAD frozen — padlock on the digital clock
Progress confirms ShareFile's zero-day, Storage Zones went dark
One unpatched flaw, one massive mark

[Chorus — на русском]
Взлом за взломом, данные горят
Хакеры не спят, системы говорят
Нулевой день, нет защиты — вот беда
Цифровой мир под угрозой навсегда

[Verse 2]
SonicWall rang the alarm bell — two zero-days, urgent patch
SMA appliances wide open, attackers quick to catch
CISA stamped it in the catalog — CVE exploited, known
SharePoint RCE confirmed, another seed is sown

Twenty-three and Me keeps counting — breach bill climbing steep
Zoom got a wake-up call reminding them their flaws run deep
Australia: medical records, clinic patients' private files
Could be auctioned on the dark web — sold across the miles

[Bridge]
London Hydro customers woke up to the news
Their billing data compromised — nobody asked their views
From energy grids to medical charts to university halls
Doesn't matter what the sector — every system falls
When patches wait and vendors drag and third parties skip the check
One forgotten door, one silent flaw turns everything to wreck

[Chorus — на русском]
Взлом за взломом, данные горят
Хакеры не спят, системы говорят
Нулевой день, нет защиты — вот беда
Цифровой мир под угрозой навсегда

[Verse 3]
The pattern reads the same each week — a vendor, then a crack
A zero-day discovered late, attackers doubling back
KEV catalog grows longer, CISA logging every hit
Patch your systems, audit vendors — not tomorrow — now's the minute

Third-party risk is the quiet knife that enters through the side
Support portals, cloud storage zones — nowhere left to hide
From Sydney clinics to Toronto campuses to London power lines
The threat landscape doesn't negotiate — it just declines

[Verse 4]
Credentials leaked on forums, threat actors share the score
Yesterday's forgotten vendor is tomorrow's open door
Supply chain trust is borrowed time when due diligence runs thin
One weak link inside the chain is all they need to get in

Security teams are racing clocks while boardrooms check the budget
Executives ask why it costs so much — analysts say don't judge it
Every dollar spent on patching beats the millions lost in breach
The lesson's written in the headlines — well within our reach

[Outro]
Июль восемнадцатый — запомни этот день
Patch fast, audit hard — защита, не тень
Stay sharp — the news won't wait for anyone

[Chorus — на русском]
Взлом за взломом, данные горят
Хакеры не спят, системы говорят
Нулевой день, нет защиты — вот беда
Цифровой мир под угрозой навсегда

← Critical CVEs (3 of 3) — July 18, 2026 | Compliance News — July 18, 2026 →