The Patch Wars have begun
Essential information
- Published
- 16/07/2026 23:04
- Modified
- —
- Source / Author
- AlienVault
- Confidence
- 100/100
- Report type(s)
- threat-report
- Labels / Tags
- castlestealer clickfix cryptocurrency theft financial motivation remcos rat russian-speaking adversary starland rat trojanized installers uat-11795 wldr agent
- Related entities
- 5 indicators, 1 observables, 1 intrusion sets (apt), 20 techniques (mitre), 4 malware
Description
Microsoft released an unprecedented 622 vulnerability patches in July's Patch Tuesday, with 62 critical severity issues and three zero-days, two actively exploited. This represents more vulnerabilities than all of 2018 combined and marks a dramatic shift from the typical five patches issued in July two years prior. Microsoft attributes this surge to AI frontier model-accelerated vulnerability research. While major vendors like Microsoft possess resources to handle this volume, smaller companies face significant challenges. The concern extends beyond discovery to deployment, as traditional IT patch testing and stability review processes struggle under this unprecedented load. Organizations must differentiate between temporary surges and the new normal operational tempo, as continuous high-volume patching may become standard. This situation places extraordinary pressure on IT administrators and change management teams who must adapt to a sustained flood of KEV and EPSS notifications while maintaining infrast...