Microsoft's record 570-CVE Patch Tuesday hides a deeper SharePoint persistence chain—and FortiBleed credentials are now unlocking unauthenticated root access in FortiSandbox. Plus a WordPress emergency auto-update threatening one third of the public web.
Audio is available on Spreaker — see link below.
Five hundred and seventy vulnerabilities. That's what Microsoft patched in a single Patch Tuesday cycle this July, the highest single-month count in the company's history.
That SharePoint situation runs deeper than most organizations realize. A separate SharePoint deserialization flaw with a CVSS score of nine point eight has been chained with three other CVEs in observed attacks.
The same principle applies to the Fortinet situation, and the connective tissue there is the FortiBleed campaign. Since February, a ransomware group tied to Lynx and INC has been harvesting credentials from internet-facing FortiGate firewalls.
On the web infrastructure side, WordPress has issued an emergency forced auto-update for a critical unauthenticated remote code execution flaw, CVE-2026-63030, affecting versions six point nine and seven point zero. No authentication, no plugin, no special configuration required.
The fourth major thread this cycle is less technical but arguably more insidious. Criminal networks are cloning federal government portals and using them to target IT staff at financial institutions.
Underneath all of this is a structural shift worth naming directly. Microsoft's MDASH AI tool is responsible for the jump to five hundred and seventy CVEs this month.
Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.