Skip to content
Auto-CTI

What has changed?

Comparing 8 June 2026 with the previous day 1 June 2026.

Newly added

30
NEW A2
90

CVE-2026-50752

A weakness in certificate validation logic of the deprecated IKEv1 key exchange allows man-in-the-middle attackers to bypass authentication and intercept or modify VPN tunnel traffic.

Critical CVSS 7.4 EPSS 0%
NEW VerdantBamboo (aka Clay Typhoon, UNC5221, Warp Panda) C3
80

VerdantBamboo Deploys BSD Variant of BRICKSTORM on Linux Appliances

A China-nexus APT group (VerdantBamboo/Clay Typhoon) deploys specialized malware variants on Linux systems, including a BSD-variant backdoor with customized persistence mechanisms for appliances; this signals targeted adaptation to critical infrastructure targets.

Critical
B3
80

State-sponsored actors, better known as the friends you don't want

State-sponsored adversaries exploit legitimate access and internal tools rather than direct breaches; their reconnaissance phase can span months and often leaves no detectable log artifacts , standard ransomware incident response procedures are ineffective against them.

Critical
NEW NSO Group C3
75

WhatsApp says it disrupted new NSO spyware phishing attacks

NSO Group is conducting active spear-phishing campaigns via WhatsApp, demonstrating that commercial spyware developers continue to be deployed as state-sponsored tools against individuals and organizations.

Critical
NEW Iran (Iranian state-sponsored cyber actors) C3
75

Iran Signed a Ceasefire , Its Hackers Didn't

The article reveals that Iranian cyber operations continue independently of diplomatic ceasefires, indicating a structural risk to Western and European infrastructure.

Critical
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

The BSI advisory on multiple OpenSSL vulnerabilities without specific CVE identification and without detailed exploitation status indicates a general warning that likely aggregates multiple known vulnerabilities without describing an active targeted campaign.

High
A3
20

Google Chrome: Multiple Vulnerabilities

BSI warns of multiple undisclosed Chrome vulnerabilities; details are minimal, exploitation is possible but only active for specific variants.

High
NEW TeamPCP B3
15

TeamPCP Supply Chain Campaign: Activity Through 2026-06-07

TeamPCP campaign now publicly available in Mini Shai-Hulud framework; threat expands from original supply-chain target to broader attacker community with focus on build-pipeline access and credential exfiltration.

High
NEW A3
0

Microsoft Edge: Multiple Vulnerabilities

The BSI advisory describes multiple vulnerabilities in Microsoft Edge without specific CVE numbers; exploitation in some cases requires only clicking a malicious link.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

19
NEW
97

CVE-2026-47294

The vulnerability requires an authorized user account and enables network-based code execution, not unauthenticated remote exploitation.

Critical CVSS 8.0 EPSS 0%
NEW
20

Unidentified RAT pushes NetSupport RAT

SmartApeSG ClickFix campaign employs multi-stage infection chains: unidentified RAT delivers NetSupport Manager RAT with C2 communication over TCP 443 and daily-changing indicators.

High
NEW
20

Microsoft Edge: Multiple Vulnerabilities

BSI alert on multiple unspecified Edge vulnerabilities without specific CVE numbers or exploit status; likely a patch roundup or generic advisory.

High
ESC