Skip to content
Auto-CTI

What has changed?

Comparing 11 June 2026 with the previous day 10 June 2026.

Newly added

20
NEW C3
70

'GreatXML' Zero-Day Exploit Bypasses BitLocker

The exploit leverages a vulnerability in Microsoft Defender's offline scan functionality to bypass BitLocker and spawn a SYSTEM shell, posing a critical threat to locally accessible Windows systems.

Critical
NEW A3
51

Ubiquiti UniFi OS: Multiple Vulnerabilities

The BSI warning addresses multiple critical vulnerabilities in Ubiquiti UniFi OS without specific CVE identification, suggesting either incomplete disclosure or coordinated vulnerability management.

Critical
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities with high risk potential (RCE, DoS, information disclosure); an official German government warning signals active exploitation or imminent public exploit availability.

High
A3
20

7-Zip: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in 7-Zip with remote code execution potential when processing manipulated archives , relevant immediate threat to desktop end-users.

High
NEW A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities; without specific CVE numbers, this is a generic advisory likely referencing a patch cycle or multiple known flaws.

High
UNC6671 (BlackFile) B3
15

Welcome to BlackFile: Inside a Vishing Extortion Operation

UNC6671 uses social engineering (vishing) combined with Adversary-in-the-Middle (AiTM) and Python/PowerShell to bypass MFA and systematically compromise Microsoft 365 and Okta; the announced shutdown signals possible rebranding rather than permanent cessation.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

52
Kimsuky B3
80

Kimsuky targets organizations with PebbleDash-based tools

Kimsuky actively deploys PebbleDash-based tools (httpMalice, httpSpy, DWAgent) against Western organizations; the newer HTTP variant establishes persistence via Windows services (CacheDB) and mirrors established Kimsuky TTPs.

Critical
NEW A3
47

OpenSSL: Multiple Vulnerabilities

BSI warning regarding multiple OpenSSL vulnerabilities without specific CVE numbers or version information , likely a summary or preparatory advisory.

Critical
NEW A3
20

CVE-2026-44963

The vulnerability enables remote code execution by authenticated domain users on backup systems, requiring prioritization in environments with strict domain access controls.

High EPSS 0%
NEW A3
20

Microsoft Apps: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in Microsoft 365 Copilot, PowerToys, and other Microsoft products with potential for privilege escalation and code execution; no CVE identifiers disclosed, so patch status and exploitation timeline unclear.

High
NEW C3
17

Microsoft Patch Day with open end: Researcher discloses RoguePlanet zero-day

A security researcher under the pseudonym Nightmare Eclipse has disclosed additional zero-day vulnerabilities in BitLocker (YellowKey and GreenPlasma) that are already public and addressed in this patch cycle; this reveals strategic timing of disclosure campaigns against Microsoft.

High
NEW Nightmare Eclipse (Chaotic Eclipse) C3
17

New Windows Zero-Day Exploit 'RoguePlanet' Released

A security researcher (Nightmare Eclipse) has publicly released a proof-of-concept for a Windows zero-day to pressure Microsoft after the company failed to meet disclosure requirements.

High
A3
0

Microsoft Patch Day May 2026

Routine BSI Patch Day advisories are standard security updates with no specific strategic implications for geopolitical or nation-state activity.

Medium
A3
0

Intel Processor: Multiple Vulnerabilities

The BSI alert references multiple local vulnerabilities in Intel processors without citing specific CVE numbers or active exploitation; this suggests a generic or aggregated advisory, possibly within the context of periodic security reviews.

Medium
ESC