An LLM-driven ransomware operation with no human operator just changed threat modeling forever — plus Microsoft's RoguePlanet Defender patch, CVE volume crisis, and CIRCIA's September reporting deadline. Today's briefing covers the stories security teams cannot afford to miss.
Audio is available on Spreaker — see link below.
Microsoft has patched a privilege escalation flaw in Defender that a researcher has now tied to a recognizable pattern of race condition bugs in the same product. The vulnerability, CVE-2026-50656, goes by the name RoguePlanet.
June's Microsoft patch release topped two hundred CVEs. That number by itself would have been remarkable a few years ago.
The story that changes threat modeling this week is JADEPUFFER. Sysdig documented a ransomware operation run entirely by a large language model, with no human operator directing it end-to-end.
Meta absorbed the Virtue AI red team this week, folding it into Superintelligence Labs. Virtue AI had been doing adversarial testing for Anthropic, NVIDIA, Uber, and Microsoft.
Danish fashion retailer Miinto confirmed a breach of its order management system. Names, addresses, emails, phone numbers, and payment method types were exposed.
On the regulatory front, CISA is projecting a final Cyber Incident Reporting for Critical Infrastructure Act rule in September. The requirement: seventy-two-hour incident reporting across sixteen critical sectors, plus a twenty-four-hour window for ransomware payment disclosure.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.