Skip to content
Auto-CTI

What has changed?

Comparing 11 June 2026 with the previous day 4 June 2026.

Newly added

20
NEW C3
70

'GreatXML' Zero-Day Exploit Bypasses BitLocker

The exploit leverages a vulnerability in Microsoft Defender's offline scan functionality to bypass BitLocker and spawn a SYSTEM shell, posing a critical threat to locally accessible Windows systems.

Critical
NEW A3
51

Ubiquiti UniFi OS: Multiple Vulnerabilities

The BSI warning addresses multiple critical vulnerabilities in Ubiquiti UniFi OS without specific CVE identification, suggesting either incomplete disclosure or coordinated vulnerability management.

Critical
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities with high risk potential (RCE, DoS, information disclosure); an official German government warning signals active exploitation or imminent public exploit availability.

High
A3
20

7-Zip: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in 7-Zip with remote code execution potential when processing manipulated archives , relevant immediate threat to desktop end-users.

High
NEW A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities; without specific CVE numbers, this is a generic advisory likely referencing a patch cycle or multiple known flaws.

High
UNC6671 (BlackFile) B3
15

Welcome to BlackFile: Inside a Vishing Extortion Operation

UNC6671 uses social engineering (vishing) combined with Adversary-in-the-Middle (AiTM) and Python/PowerShell to bypass MFA and systematically compromise Microsoft 365 and Okta; the announced shutdown signals possible rebranding rather than permanent cessation.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

14
NEW TeamPCP C3
75

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A hacker group (TeamPCP) is exploiting vulnerabilities in development tools and cloud misconfigurations at scale to steal credentials and propagate through supply-chain ecosystems via worms,a new escalation in attacks on open-source infrastructure.

Critical
NEW Iranian state-backed ransomware actors C3
75

U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors

Iranian ransomware actors use cryptocurrency exchanges for money laundering; OFAC sanctions against Nobitex signal escalated financial control and elevated risk for European organizations targeted by Iran-backed ransomware campaigns.

Critical
NEW A3
20

CVE-2026-50205

The vulnerability enables extraction of unencrypted SMTP authentication credentials directly from system log files , a frequently overlooked attack vector for lateral movement and account compromise.

High EPSS 0%
ESC