Cybersecurity Daily: News & Threats
(00:00:00) LegacyHive Unpatched, AI Ransomware & SharePoint Triple Exploit (00:01:02) SharePoint Three-Flaw Exploitation Confirmed (00:01:35) Adobe VMware Browser Critical Patches (00:02:31) AI Ransomware Without a Ransom Demand (00:03:10) Bermuda Ransomware Payout Confirmed (00:03:42) Fairlife Production Halt (00:04:00) Key Watchpoints Going Forward A researcher going by Chaotic Eclipse released LegacyHive, an unpatched Windows User Profile Service zero-day enabling local privilege escalation on every supported Windows version — dropping hours after Microsoft's July Patch Tuesday. Three previous disclosures from the same researcher led to active exploitation, and the weaponization clock is already running on this one. CISA confirmed active exploitation of three simultaneous SharePoint Server vulnerabilities — CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 — covering remote code execution and data theft across on-premises deployments. The chaining risk makes this the most urgent item for enterprise defenders today. This Patch Tuesday also brought 88 Adobe patches, eight covering ColdFusion at CVSS 9.0–9.9; a CVSS 9.8 authentication bypass in VMware's Avi Load Balancer exposing the control plane; and critical browser patches from both Firefox and Mozilla on the same day, with public exploit code already circulating for Firefox. Sysdig documented what appears to be the first fully autonomous AI-driven ransomware operation — over 600 automated actions, no human operators, and deliberately no payment mechanism. The NotPetya parallel is hard to ignore: this looks like rehearsal or state-level operational testing, not a criminal campaign. Elsewhere, a parliamentary report confirmed Bermuda's government paid approximately $4.4 million following its 2023 ransomware attack, and Fairlife halted US dairy production after unauthorised system access — the first major food and beverage supply chain disruption of 2026. Two watchpoints going forward: whether LegacyHive gets weaponised before a patch ships, and whether the autonomous AI ransomware resurfaces with a payment mechanism attached. This episode includes AI-generated content.
70 episoder
Kommentarer
0Vær den første til at kommentere
Tilmeld dig nu og bliv en del af Cybersecurity Daily: News & Threats-fællesskabet!