Morning Security Brief — 17 July 2026

Record 622-flaw Patch Tuesday with two active zero-days, exploited SharePoint flaws, agentic ransomware, and what deserves your attention today.

A public zero-day PoC dropped hours after Patch Tuesday. Your patch window is now measured in hours, not weeks.

ciso.blog

Top of mind today: July Patch Tuesday was a record — 622 Microsoft flaws, including two zero-days under active attack — and a researcher publicly dropped a new Windows zero-day PoC hours after the patches shipped. Assume exploit code is circulating before your rollout finishes. Pair that with CISA’s ongoing alarm over actively exploited on-prem SharePoint flaws, and Microsoft estate patching is this week’s #1 job.

IT / Cyber Security

  • Microsoft patches record 622 flaws, two zero-days under active attack. Largest Patch Tuesday on record; prioritise the actively exploited pair immediately. (The Hacker News, ZDI review)
  • Windows zero-day PoC published hours after Patch Tuesday. Public exploit code before most orgs patch — shrink your deployment window this cycle. (The Hacker News)
  • CISA: actively exploited SharePoint Server flaws (on-prem, all supported versions). RCE plus post-exploitation; treat as emergency patching if you run on-prem SharePoint. (CISA, The Register)
  • Oracle E-Business Suite added to CISA KEV (CVE-2026-46817). An unauthenticated HTTP attacker can take over Oracle Payments. (CISA KEV)
  • SimpleHelp auth bypass, CVSS 10.0 (CVE-2026-48558). Max-severity flaw in remote-support software — a classic ransomware entry point. (Security Online)
  • Zoom flaw enables account takeover (CVE-2026-53412). Patch the client fleet; collaboration tools are a quiet account-takeover vector. (The Hacker News)
  • TRICARE West breach (16 Jul). Health data of thousands of US military beneficiaries exposed. (Dark Reading)
  • Coca-Cola/Fairlife ransomware halts US production. Real OT/production impact, not just data theft — a board-level supply-chain story. (BleepingComputer)
  • FortiBleed: mass FortiGate credential theft feeding INC/Lynx ransomware. If you run FortiGate, rotate credentials and hunt for compromise. (Check Point Research)

AI Security

  • First end-to-end “agentic ransomware” (JadePuffer). Sysdig documented an AI agent exploiting a Langflow flaw, stealing credentials, moving laterally and encrypting files — a human was still in the loop, but AI/agent frameworks are now attack surface. (TechCrunch, Innovate Cybersecurity)
  • AI-written malware reportedly hit power grids in three countries. Single secondary source so far — watch for official CERT confirmation before acting, but the direction of travel is clear. (OpenVPN weekly roundup)
  • Prompt injection remains OWASP’s #1 LLM threat. Critical CVEs in Microsoft Copilot (9.3), GitHub Copilot (9.6) and Cursor IDE (9.8) show coding assistants with repo access are live targets; the UK NCSC says the problem “may never be fully fixed” — defense in depth, not filters. (Vectra AI, Securance)

For the C-level skim

Two things matter this morning: the window between patch release and public exploit code has collapsed to hours, so emergency patching capability is now a business requirement, not an IT nicety. And AI-driven attacks stopped being theoretical this month — budget for securing your own AI stack the way you budget for securing your network.