Skip to content
Auto-CTI
Archive view — this data may be outdated.

CTI status

Joel Traber AG

As of:

Last pipeline run:

Status High

All threats

Sorted by KEV · Risk · EPSS
Admiralty grading (A–F · 1–6)

Source reliability

  • A Completely reliable
  • B Usually reliable
  • C Fairly reliable
  • D Not usually reliable
  • E Unreliable
  • F Cannot be judged

Information credibility

  • 1 Confirmed
  • 2 Probably true
  • 3 Possibly true
  • 4 Doubtful
  • 5 Improbable
  • 6 Cannot be judged

NATO Admiralty (AJP-2.1) grades confidence, independent of the risk score. Cross-source corroboration isn't tracked for non-CVE news, so single-source items are capped at a lower credibility number; a low number does not imply low quality.

KEV BRICKSTORM B1
72

vSphere and BRICKSTORM Malware: A Defender's Guide

BRICKSTORM is a targeted espionage campaign against VMware vSphere environments that establishes persistence at the hypervisor layer below the guest OS, exploiting visibility gaps in traditional endpoint detection.

High CVSS 10.0 EPSS 23%
NEW A2
100

CVE-2026-48579

The vulnerability affects authorization in Exchange Online and allows unauthorized information disclosure over the network , a direct risk for cloud-based email infrastructure.

Critical CVSS 9.1 EPSS 0%
NEW A2
79

CVE-2026-47655

The vulnerability allows an authorized attacker to disclose sensitive information via the Microsoft Graph API; this is critical for organizations using Microsoft 365 and Entra ID.

Critical CVSS 6.5 EPSS 0%
NEW Nimbus Manticore (Iran IRGC-affiliated) B3
75

Fast and Furious , Nimbus Manticore Operations During the Iranian Conflict

An Iran-affiliated IRGC-linked threat actor (Nimbus Manticore) demonstrates novel operational techniques including SEO poisoning against Western aviation and software sectors, indicating elevated state-sponsored cyber activity during regional conflicts with potential supply-chain implications for European manufacturing.

Critical
B3
75

25th May , Threat Intelligence Report

Hacktivism and ransomware in Germany, Austria, and Switzerland surged 124% in 2025; simultaneously, Windows Defender zero-days (CVE-2026-41091, CVE-2026-45498) are actively exploited.

Critical
NEW A2
70

CVE-2026-48092

The vulnerability affects only 32-bit builds of 7-Zip; 64-bit versions are protected due to automatic integer promotion, enabling selective patching prioritization.

High CVSS 4.3 EPSS 0%
NEW A2
52

CVE-2026-48111

The vulnerability is triggered automatically when opening UEFI firmware archives and can cause denial of service or data leakage without requiring active exploitation.

Medium CVSS 4.3 EPSS 0%
NEW A2
38

CVE-2026-48102

The vulnerability allows information disclosure and denial-of-service via crafted UDF disc images; auto-detection by signature means suspect ISO/UDF files pose a crash risk at the point of opening.

Low CVSS 3.1 EPSS 0%
A3
20

[UPDATE] GNU libc: Multiple Vulnerabilities

The BSI warning addresses multiple GNU libc vulnerabilities without explicitly naming specific CVE numbers; this indicates a meta-advisory or overview of several already-known gaps.

High
NEW A3
20

Google Chrome and Microsoft Edge: Multiple Vulnerabilities

BSI warns of multiple unspecified vulnerabilities in both browsers exploitable via web-based attacks , without specific CVE numbers or PoC details, this is likely a generic security advisory accompanying a regular patch cycle.

High
What has changed since yesterday? →
ESC