Cybersecurity Daily: News & Threats · 19 Jul 2026 · 4 min

SharePoint Zero-Day, FortiBleed Pivot & 500M WordPress RCE

Microsoft's record 570-CVE Patch Tuesday hides a deeper SharePoint persistence chain—and FortiBleed credentials are now unlocking unauthenticated root access in FortiSandbox. Plus a WordPress emergency auto-update threatening one third of the public web.

Cybersecurity Daily: News & Threats
Now Playing
SharePoint Zero-Day, FortiBleed Pivot & 500M WordPress RCE

Audio is available on Spreaker — see link below.

What's covered

570-CVE Microsoft July Record

Five hundred and seventy vulnerabilities. That's what Microsoft patched in a single Patch Tuesday cycle this July, the highest single-month count in the company's history.

Listen now →

SharePoint IIS Key Persistence Chain

That SharePoint situation runs deeper than most organizations realize. A separate SharePoint deserialization flaw with a CVSS score of nine point eight has been chained with three other CVEs in observed attacks.

Listen now →

FortiBleed into FortiSandbox RCE

The same principle applies to the Fortinet situation, and the connective tissue there is the FortiBleed campaign. Since February, a ransomware group tied to Lynx and INC has been harvesting credentials from internet-facing FortiGate firewalls.

Listen now →

WordPress wp2shell 500M Sites

On the web infrastructure side, WordPress has issued an emergency forced auto-update for a critical unauthenticated remote code execution flaw, CVE-2026-63030, affecting versions six point nine and seven point zero. No authentication, no plugin, no special configuration required.

Listen now →

Gold Eagle Federal Scam Wave

The fourth major thread this cycle is less technical but arguably more insidious. Criminal networks are cloning federal government portals and using them to target IT staff at financial institutions.

Listen now →

AI Discovery and the Patch Capacity Problem

Underneath all of this is a structural shift worth naming directly. Microsoft's MDASH AI tool is responsible for the jump to five hundred and seventy CVEs this month.

Listen now →

Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.

More episodes

From Cybersecurity Daily: News & Threats