Cybersecurity Daily: News & Threats · 18 Jul 2026 · 4 min

LegacyHive Unpatched, AI Ransomware & SharePoint Triple Exploit

A researcher dropped an unpatched Windows zero-day hours after Patch Tuesday, three SharePoint RCE flaws are already being actively exploited, and Sysdig documented the first fully autonomous AI-driven ransomware with no ransom demand. Today's briefing covers the threats your patching schedule won't save you from.

Cybersecurity Daily: News & Threats
Now Playing
LegacyHive Unpatched, AI Ransomware & SharePoint Triple Exploit

Audio is available on Spreaker — see link below.

What's covered

LegacyHive Zero-Day Drops Post-Patch Tuesday

A researcher just dropped an unpatched Windows zero-day hours after Microsoft's July Patch Tuesday. That's the signal this briefing opens on, because it tells us something larger: patching on schedule is no longer enough.

Listen now →

SharePoint Three-Flaw Exploitation Confirmed

While LegacyHive sits unpatched, three SharePoint Server flaws are already being actively exploited. CISA confirmed all three, covering remote code execution and data theft across on-premises deployments.

Listen now →

Adobe VMware Browser Critical Patches

Separate from the zero-day situation, this Patch Tuesday brought a significant volume of critical enterprise fixes. Adobe dropped eighty-eight total patches.

Listen now →

AI Ransomware Without a Ransom Demand

There's a different category of threat that also landed this week. Sysdig documented what appears to be the first fully autonomous AI-driven ransomware operation.

Listen now →

Bermuda Ransomware Payout Confirmed

On the economics of ransomware, a parliamentary report on Bermuda's September twenty twenty-three government attack has added a rare data point. The report indicates ransom payment activity totalling approximately four-point-four million dollars.

Listen now →

Fairlife Production Halt

One more story worth tracking: Fairlife has halted US dairy production following unauthorized system access. It's the first major US food and beverage supply chain disruption of twenty twenty-six.

Listen now →

Key Watchpoints Going Forward

The two things to watch closely from here: whether LegacyHive gets fully weaponized before Microsoft ships a patch, and whether the autonomous AI ransomware documented by Sysdig reappears with a payment mechanism attached. The first tells us how badly coordinated disclosure has broken down.

Listen now →

Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.

More episodes

From Cybersecurity Daily: News & Threats