Menu

Monthly Cyber Threats Report - July 2026

Issue 19: July 2026

Monthly Cyber Threats Report - July 2026

Editor's note

Francisco Sanches
Francisco Sanches

Welcome to the July 2026 edition of our Monthly Cyber Threats Report.

A consistent theme across this month's articles is the evolution of attacker capability: whether through AI augmentation, autonomous agents or blended physical and cyber tactics, threat actors are finding ways to operate faster, at greater scale and with less human expertise.

In Five Eyes on AIs: the future of cyber threats, Conor analyses the joint advisory issued by the Five Eyes intelligence alliance warning that advanced AI is expected to accelerate and amplify existing cyber threats rather than introduce entirely new attack types.

In JADEPUFFER: the emergence of Agentic AI in ransomware operations, Najeeb examines an autonomous AI agent conducting an end-to-end ransomware intrusion.

In Keyboard to crowbar: when cybercriminals use burglars, Jatinder looks at how threat actors are combining social engineering, impersonation and physical access to circumvent technical controls.

In our upcoming cyber threat webinar we will examine evolving cyber threats in 2026, drawing on insights from our cyber incident response engagements and in-house threat intelligence capabilities.

News
Data image
Five Eyes on AIs: the future of cyber threats

On 22 June, the Five Eyes intelligence alliance - comprising Australia, Canada, New Zealand, the United Kingdom and the United States - issued a rare joint statement warning that advanced AI models are likely to increase cyber risk for businesses and governments over the coming months.

News
technical circuit board
JADEPUFFER: the emergence of Agentic AI in ransomware operations

In July 2026, researchers from Sysdig published details of JADEPUFFER, which Sysdig assesses to be the first documented example of an agentic AI-driven ransomware operation, in which an autonomous large language model agent performed the intrusion lifecycle autonomously after initial deployment.

News
hands on a keyboard in the dark
Keyboard to crowbar: when cybercriminals use burglars

A number of US law firms have reportedly been targeted by a cyber extortion group known as the Silent Ransom Group, using a combination of remote cyber intrusion and physical access attempts. In one of the reported incidents, an executive at a US law firm in New Jersey received a call in April from someone posing as IT support, claiming a virus was spreading through the firm and that in person access to the lawyer’s computer was needed. The following day, a person claiming to be from IT arrived at reception but fled when challenged.

Event
a wireframe of a mountain with dots and lines
Half year cyber threat update
Book now

In our upcoming cyber threat webinar we will examine evolving cyber threats in 2026, drawing on insights from our cyber incident response engagements and in-house threat intelligence capabilities.

Subscribe

Never miss a publication by signing up to our mailing list

Monthly Cyber Threats Report - July 2026 Issues

How can we help you?
Help

How can we help you?

Subscribe: I'd like to keep in touch

If your enquiry is urgent please call +44 20 3321 7000

I'm a client

I'm looking for advice

Something else