Cybersecurity Daily: News & Threats · 16 Jul 2026 · 5 min

SonicWall CVSS 10.0, Record 570 Patches & LegacyHive Zero-Day

Two actively exploited SonicWall zero-days — including a perfect CVSS 10.0 — headline a brutal week alongside Microsoft's record-breaking 570-patch July release. Identity systems, remote access infrastructure, and an unpatched Windows PoC are all under fire right now.

Cybersecurity Daily: News & Threats
Now Playing
SonicWall CVSS 10.0, Record 570 Patches & LegacyHive Zero-Day

Audio is available on Spreaker — see link below.

What's covered

SonicWall CVSS 10.0 Zero-Days

Two zero-days are being actively exploited right now in SonicWall's Secure Mobile Access appliances, and one of them carries a perfect CVSS score of ten point zero. That's not a theoretical risk.

Listen now →

Microsoft Record 570 Patches

Microsoft's July Patch Tuesday set a record. More than five hundred and seventy vulnerabilities fixed in a single release, with between fifty-seven and sixty-three rated critical.

Listen now →

SharePoint and AD FS Under Attack

Two of Microsoft's three zero-days this cycle are confirmed under active exploitation, and both target identity and access systems. CVE-2026-56164 is a missing authentication flaw in SharePoint Server that allows privilege escalation.

Listen now →

LegacyHive Unpatched Windows PoC

Hours after Patch Tuesday, a researcher operating under the name Chaotic Eclipse released a working privilege escalation exploit for Windows. The vulnerability, called LegacyHive, abuses the User Profile Service to load an arbitrary hive.

Listen now →

BitLocker Bypass and Patch Risk

The third zero-day this cycle is CVE-2026-50661, a BitLocker bypass. An attacker with physical access can use it to circumvent Device Encryption and read protected data.

Listen now →

What to Watch Next

The near-term watchpoints are clear. Patch SonicWall SMA one thousand series immediately.

Listen now →

Chapter summary auto-generated from the verified script. Listen to the full episode for the complete content.

More episodes

From Cybersecurity Daily: News & Threats