Hello 👋 get a brew on because these are the top emerging risks between July 14th, and 28th, 2025…
Review our report’s terminology here ↗
Our main risk this fortnight is…
1. Technological: Chinese Hackers Breach US Nuclear Weapons Agency
Chinese state-sponsored hackers breached the U.S. National Nuclear Security Administration using Microsoft SharePoint zero-day vulnerabilities known as "ToolShell".
Over 400 servers compromised globally including government agencies, banks, universities, and critical infrastructure across multiple continents.
Attackers stole cryptographic machine keys enabling persistent access that survives patching and system reboots.
No classified nuclear information was stolen as sensitive systems are air-gapped, but the breach demonstrates sophisticated adversaries' ability to penetrate critical infrastructure.
Emergency patches available but organisations must also rotate machine keys and implement additional security measures to prevent reinfection.
We reported on this zero-day exploit in more detail here >
Sources
US nuclear weapons agency hacked in Microsoft SharePoint attacks | BleepingComputer | July 23, 2025
U.S. nuclear and health agencies hit in Microsoft SharePoint breach | The Washington Post | July 23, 2025
Customer guidance for SharePoint vulnerability CVE-2025-53770 | Microsoft Security Response Center | July 20, 2025
ToolShell Campaign: New SharePoint Zero-Day (CVE-2025-53770) Triggers Widespread Exploitation | SOCRadar | July 25, 2025
You should be concerned if…
Your organisation runs on-premises SharePoint servers: Only self-hosted SharePoint installations are vulnerable, not Microsoft 365 cloud versions.
You're in critical infrastructure, government, healthcare, or finance: These sectors have been primary targets in the global campaign with documented breaches across federal agencies, banks, and hospitals.
Your SharePoint servers are internet-accessible: Attackers specifically target publicly exposed SharePoint instances to exploit the authentication bypass vulnerability.
You haven't applied July 2025 security updates: Organisations running unpatched SharePoint 2016, 2019, or Subscription Edition face immediate compromise risk.
These items are generic assumptions. We recommend considering your own unique risk landscape against your critical dependencies. If you don’t know what they are, get in touch.
Preventative actions
Apply Emergency Patches Immediately
Deploy Microsoft's security updates for SharePoint Server 2016, 2019, and Subscription Edition released July 21, 2025, addressing CVE-2025-53770 and CVE-2025-53771.
Rotate Machine Keys Before and After Patching
Change ASP.NET ValidationKey and DecryptionKey in SharePoint's web.config files twice—once before patching and once after—to invalidate any stolen cryptographic keys.
Enable Microsoft Defender Integration
Configure Antimalware Scan Interface (AMSI) with Microsoft Defender Antivirus on all SharePoint servers to block exploitation attempts even on unpatched systems.
Hunt for Compromise Indicators
Search for "spinstall0.aspx" files in SharePoint layouts directories and monitor for w3wp.exe processes spawning encoded PowerShell commands as signs of successful breach.
Disconnect Vulnerable Systems
If immediate patching isn't possible, disconnect internet-facing SharePoint servers until security updates can be applied to prevent ongoing exploitation.
2. Societal: AI Errors Infiltrate US Court System
First known judicial ruling based on AI-generated fake legal cases occurred in Georgia divorce dispute, with trial judge issuing order citing completely fabricated precedent.
95 documented cases of AI hallucinations in U.S. court filings since June 2023, with 58 occurring in 2025 alone, affecting major law firms and government prosecutors.
Only two states require judges to be "tech competent" regarding AI despite widespread use of AI tools by lawyers and self-represented litigants.
Legal experts warn problem will accelerate as overwhelmed courts rely on lawyer-drafted orders while AI tools flood system with more filings.
Systemic threat to judicial integrity as fabricated precedent could influence future wrongful convictions and erode public trust in legal system.
Sources
It's "frighteningly likely" many US courts will overlook AI errors, expert says | Ars Technica | July 2025
Trial Court Decides Case Based On AI-Hallucinated Caselaw | Above the Law | July 2025
How AI is introducing errors into courtrooms | MIT Technology Review | May 19, 2025
Lawyers using AI keep citing fake cases in court. Judges... | The Washington Post | June 3, 2025
You should be concerned if…
You're involved in active legal proceedings: Your case could be decided based on fabricated legal precedents that lawyers haven't properly verified, especially in family law, civil disputes, or criminal matters.
You work in the legal system as a judge, clerk, or court staff: Most judicial officers have received no training on detecting AI hallucinations despite their increasing prevalence in court filings.
You rely on legal AI tools for research or practice: Even premium legal AI platforms marketed as "accurate" are producing fake citations and cases at alarming rates.
You're in jurisdictions with overwhelmed courts: Heavy case loads and reliance on lawyer-drafted orders create perfect conditions for AI-generated errors to slip through judicial review.
Preventative actions
Demand AI Disclosure and Verification
Ask any lawyer representing you to disclose their AI use and provide written certification that they've independently verified all AI-generated research and citations.
Implement Court Training Programs
Advocate for mandatory continuing education for judges and court staff on identifying AI hallucinations, focusing on red flags like case numbers containing "123456" or mismatched regional court reporters.
Verify Legal Research Independently
Never rely solely on AI-generated legal research without cross-checking citations in original legal databases and confirming case authenticity through multiple sources.
Establish Verification Protocols
Legal organisations should require lawyers to maintain detailed verification logs when using AI tools and implement peer review processes for AI-assisted work.
Support Transparency in Legal AI
Push for legal AI companies to provide transparent accuracy metrics and stop marketing tools as "hallucination-free" when they demonstrably produce false information.
Quick snippet stories
Alaska Airlines IT Outage Grounds Fleet
Alaska Airlines experienced a three-hour IT outage Sunday night that caused over 150 flight cancellations due to critical hardware failure at the airline's data centres, affecting both Alaska Airlines and Horizon Air operations.
Source: Business TimesSwiss Broadcasting Infrastructure Disrupted
Switzerland's public broadcaster SRF experienced a mysterious website disruption Thursday morning, with error messages linking to a US web development company, raising questions about European media infrastructure security.
Source: BluewinFrench Air Traffic Strikes Cause Mass Disruption
French air traffic controller strikes in early July disrupted over a million travellers, causing 3,700 daily flight delays and 1,400 cancellations, costing airlines approximately €120 million with no resolution in sight.
Source: Business InsiderGlobal Starlink Outage Affects Millions
Starlink's satellite internet service (provided by SpaceX) went down for over two hours Thursday due to "failure of key internal software services that operate the core network," affecting customers from the US to Asia.
Source: Engadget
Want to discuss how these risks might effect your business?
Book 30 minutes with us, free ↗
Need support?
At Fixinc, we are passionate about helping people get through disasters. That’s why our team of Advisors bring you this resource free of charge. If you need help understanding these threats and building a plan against them, the same Advisors are here to help over a 30-minute online call. Once complete, if you like what was provided, you can choose to provide a donation or subscribe to Unreasonable Ventures to support this channel.
Share this post