In partnership with

Five governments warned you AI-driven cyberattacks were months away, not years. Nine days later, researchers caught the first one running on its own, no human at the keyboard. Meanwhile a Delaware sanctions clock is running out on one of the state's most prestigious firms, and a new survey says 93% of legal teams still haven't figured out how to make any of this pay off.

THE LEAD PLAY

The Warning Said Months. It Took Nine Days.

On June 22, the cybersecurity arms of five governments (the US, UK, Canada, Australia, and New Zealand) put a number on how much time defenders had left before frontier AI meaningfully accelerated offensive cyber capability. Months, they said. Not years. Issue #3 covered that warning in detail.

On July 1, the security firm Sysdig published the answer. JADEPUFFER, as they named it, is the first documented ransomware operation run end to end by an autonomous AI agent, no person driving the keyboard at any stage. The agent broke into an internet-facing server through a known vulnerability, harvested credentials, moved laterally to a production database, and ran a full extortion playbook: encryption, deletion of the originals, a ransom note. It adapted in real time: in one sequence, a failed login became a working fix in 31 seconds. The payloads were self-narrating, full of the kind of reasoning a human attacker doesn't usually bother writing down but an LLM produces by default.

None of the individual techniques were new. The vulnerability was from 2025, the authentication bypass from 2021, the target was infrastructure nobody had gotten around to patching. What changed is who ran the playbook. Sysdig's read: running ransomware now costs whatever it takes to operate an agent, and if that agent is working off stolen credentials, that cost rounds down to nothing.

This isn't a story about a uniquely sophisticated attack. It's a story about the attacks nobody bothered to run before, because they required a skilled person to sit down and do it, now running themselves. The UK just felt this at scale. Dozens of major companies, including Microsoft and Deloitte, pledged this week to tighten cyberdefenses after AI-enabled attacks cost the UK economy an estimated £14.7 billion a year. Law firms and legal departments hold exactly the kind of material this warning was about. Privileged communications. Deal terms. Litigation strategy. You're inventory, same as Issue #3 said.

The Play this week: Skip the philosophical IR-plan conversation from Issue #3 and ask IT or security two specific questions instead: how many internet-facing systems does the firm actually have, and what's the average time from patch release to patch applied for a critical CVE. JADEPUFFER didn't need a zero-day. It needed a system nobody patched. If nobody can give you clean numbers on both, that's the finding, and it belongs in front of whoever owns the budget, not buried in an IT backlog.

Speak naturally. Send without fixing.

Wispr Flow turns your voice into clean, professional text you can send the moment you stop talking. Not rough transcription you have to clean up. Actual polished text — ready for email, Slack, or any app.

Speak the way you think. Go on tangents. Change your mind mid-sentence. Flow strips the filler, fixes the grammar, and gives you text that reads like you spent five minutes writing it.

89% of messages sent with zero edits. Millions of professionals use Flow daily, including teams at OpenAI, Vercel, and Clay. Works on Mac, Windows, and iPhone.

SUPPORTING PLAY 1

Richards Layton Has Until July 15 to Explain Itself

Richards, Layton & Finger ("the gold standard in Delaware" per Chambers, the firm every Fortune 500 GC has on speed dial for anything touching the Court of Chancery) has been ordered to show cause why it and one of its attorneys shouldn't be sanctioned. The brief in question, filed in an advancement case now before Vice Chancellor Lori Will, contained what the court called hallucinated legal propositions. The firm has until July 15 to respond.

A director at the firm said back in January that Richards Layton was trying AI tools to help revise text as part of the drafting process. Not research, not a chatbot answering a legal question: an editing pass on text that already existed, the kind of tool nobody in the review chain flagged as "AI" because it doesn't look like AI. It looks like proofreading.

Every citation-verification protocol built off Issue #1 checks whether a cited case exists and says what the brief claims it says. None of that catches a revision tool that quietly alters a citation's characterization mid-edit, because the protocol assumes AI shows up as a chatbot someone consciously opened. This one didn't.

The Play this week: Inventory the AI features already living inside tools your firm approved for something else: drafting assistants, redlining plugins, anything that touches a document before it goes out the door. If your AI policy only covers tools people consciously chose to open, it has a hole exactly this shape.

SUPPORTING PLAY 2

Axiom's new survey of 528 in-house legal leaders, published July 9, delivered an uncomfortable number: every team using AI plans to spend more next year, and 83% can't show whether last year's spending paid off. Only 7% have moved past piloting into something they actually use, optimize, and measure.

The gap isn't budget. Axiom's researchers looked for what separated the 7% from everyone else and found a specific pattern: bounded pilots, one workflow, eight to twelve weeks, success and failure criteria set before the pilot started, not after the results came in. Everyone else is running AI the way you'd run a permanent department: open-ended, unmeasured, judged in hindsight by whether it feels like it's working.

There's a second finding in the same report worth pausing on. 92% of in-house teams expect AI-driven rate cuts from their outside counsel. Most aren't getting them. If your firm can't say what AI has actually changed about delivery, you're part of the reason that number holds.

The Play this week: Pick one workflow you already run through AI and structure it as a real pilot, not an ongoing experiment. Set the window (eight to twelve weeks is the number in the data), decide up front what "worked" looks like, and write it down before you start. If you can't articulate a kill criterion, you don't have a pilot. You have a habit nobody's evaluated.

QUICK HITS

  • Legion dropped its lawsuit against the Commerce Department now that the Fable 5 and Mythos 5 embargo from Issue #2 has been lifted. The legal tech company had challenged the export order directly; once Anthropic's access was restored July 1, the claims went with it. Closes the loop. The underlying exposure doesn't.

  • Darrow, the litigation intelligence platform, laid off roughly a third of its staff this week despite describing itself as profitable and growing three years running. The company says it's shifting resources toward more automatable work for insurers and corporations. Worth remembering next time a vendor tells you their headcount is fine: profitable and growing isn't the same claim as stable.

  • Deloitte's latest survey found 79% of legal departments raised their AI budgets this year, growing by 67% on average, with 61% now past the pilot stage into deployment. The same report has GCs increasingly pushing outside counsel for cost concessions as AI reshapes billing. Different survey than Supporting Play 2, same pressure.

  • Law360 Pulse reports law firms are increasingly betting on practice-specific AI platforms over general assistants like Harvey and Legora, for tasks where a purpose-built tool beats a generalist one. If you mapped your stack per Issue #1, check whether a horizontal tool is still the right fit for your highest-volume, most specialized workflow.

That's Issue #6. The pattern this week: the tools getting you in trouble don't look like AI, and the tools paying off are the ones treated like a real experiment instead of a permanent fixture. See you in the next one.

Keep Reading