Skip to content
Auto-CTI

What has changed?

Comparing 24 June 2026 with the previous day 17 June 2026.

Newly added

54
NEW C3
75

Traces of cyberattacks often lead to Russia

Germany is identified as Europe's focal point for ransomware attacks, while Russia serves as a safe haven for cybercriminals,a geopolitical pattern with direct relevance for DACH organizations.

Critical
NEW C3
70

Ubiquiti UniFi OS Security Vulnerabilities Under Active Attack

Critical Ubiquiti UniFi OS vulnerabilities are already being actively exploited in the wild despite patches being available since late May 2026; administrators who have not yet updated to version 5.1.12 or 5.0.8 are at immediate risk.

Critical
NEW C3
70

Critical Ubiquiti Vulnerabilities in Attackers' Crosshairs

Multiple critical Ubiquiti vulnerabilities (CVE-2026-34908, -34909, -34910 with CVSS 10/10 and CVE-2025-67038 with CVSS 9.8) were already exploited in the wild as zero-days despite patches, to create rogue administrator accounts and conduct automated reconnaissance attacks.

Critical
A3
20

Mozilla Firefox: Multiple Vulnerabilities

The BSI alert does not specify CVE numbers or affected versions, indicating a generic vulnerability announcement without concrete threat intensity.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

The BSI warns of multiple critical-severity vulnerabilities in OpenSSL (RCE, DoS, information disclosure); timely patching and specific CVE identification are required to prioritize affected systems.

High
A3
20

Ubiquiti UniFi OS: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in Ubiquiti UniFi OS without specific CVE numbers; technical detail level and exploitation status are currently unclear.

High
A3
20

7-Zip: Multiple Vulnerabilities

The BSI warns of multiple vulnerabilities in 7-Zip that can be exploited by simply opening manipulated archives and enable code execution.

High
NEW Woodgnat C3
17

New 'Mistic' RAT Opens Door to Several Ransomware Families

Woodgnat group actively uses the new Mistic RAT to distribute multiple ransomware families (Qilin, Rhysida, Akira, Black Basta), combining technical exploits with social engineering techniques like ClickFix.

High
NEW A3
0

[UPDATE] Linux Kernel: Multiple Vulnerabilities

BSI alert on multiple unspecified Linux Kernel vulnerabilities without CVE details complicates prioritisation; details and affected versions must be retrieved from the full BSI advisory.

Medium
A3
0

Microsoft Patch Day May 2026

Monthly patch summary without specification of individual CVEs or active exploits , routine update announcement.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

20
NEW Nightmare Eclipse C2
70

Microsoft Working on Patch for 'RoguePlanet' Zero-Day

The threat is driven by the Nightmare Eclipse group as part of a targeted campaign against Microsoft, with multiple zero-days (BlueHammer, RedSun, UnDefend) already exploited in the wild.

Critical
ESC