Skip to content
Auto-CTI

What has changed?

Comparing 25 June 2026 with the previous day 24 June 2026.

Newly added

16
KEV NEW C1
100

Cisco SD-WAN Zero-Day Exploited Months Before Patching

A Cisco SD-WAN zero-day was actively exploited for months prior to disclosure, with evidence of file deletion and system configuration restoration by the attacker to evade detection.

Critical CVSS 7.8 EPSS 10%
NEW Russia A3
90

«Security Switzerland 2026»: No All-Clear for Switzerland

The official Swiss security report 2026 designates Russia as Europe's greatest threat with aggressive hybrid warfare directly targeting Switzerland in cyberspace, critical infrastructure, and espionage , a strategic signal for Swiss manufacturing SMEs.

Critical
NEW C3
80

Europe Evolves Into Ransomware's Favorite Region

After a global lull in 2024,2025, ransomware gangs have actively refocused on Europe and are deliberately targeting EU organizations and their supply chains,a strategic risk for Swiss and European manufacturing enterprises.

Critical
NEW A3
20

CVE-2026-53153

Race-condition vulnerability in Linux kernel memory management with potential for memory corruption under concurrent access to memcg lists.

High EPSS 0%
NEW B3
20

Introduction to COM usage by Windows threats

Cisco Talos documents systematically how malware exploits COM interfaces for lateral movement, persistence, and evasion , a fundamental defensive competency for Windows-heavy infrastructure defenders.

High
NEW A3
20

[UPDATE] Adobe Acrobat DC: Multiple Vulnerabilities

The BSI has issued a security advisory on multiple vulnerabilities in Adobe Acrobat DC and Adobe Acrobat Reader DC enabling remote code execution and privilege escalation, though specific CVE identifiers are not named in this notice.

High
NEW C3
17

Update Chrome to patch critical browser security flaws

Chrome 149.0.7827.196/197 patches 18 vulnerabilities including four critical flaws; no indication of active in-the-wild exploitation yet, but Chrome zero-days have been exploited multiple times this year.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

54
NEW C3
75

Traces of cyberattacks often lead to Russia

Germany is identified as Europe's focal point for ransomware attacks, while Russia serves as a safe haven for cybercriminals,a geopolitical pattern with direct relevance for DACH organizations.

Critical
NEW C3
70

Ubiquiti UniFi OS Security Vulnerabilities Under Active Attack

Critical Ubiquiti UniFi OS vulnerabilities are already being actively exploited in the wild despite patches being available since late May 2026; administrators who have not yet updated to version 5.1.12 or 5.0.8 are at immediate risk.

Critical
NEW C3
70

Critical Ubiquiti Vulnerabilities in Attackers' Crosshairs

Multiple critical Ubiquiti vulnerabilities (CVE-2026-34908, -34909, -34910 with CVSS 10/10 and CVE-2025-67038 with CVSS 9.8) were already exploited in the wild as zero-days despite patches, to create rogue administrator accounts and conduct automated reconnaissance attacks.

Critical
A3
20

Mozilla Firefox: Multiple Vulnerabilities

The BSI alert does not specify CVE numbers or affected versions, indicating a generic vulnerability announcement without concrete threat intensity.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

The BSI warns of multiple critical-severity vulnerabilities in OpenSSL (RCE, DoS, information disclosure); timely patching and specific CVE identification are required to prioritize affected systems.

High
A3
20

Ubiquiti UniFi OS: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in Ubiquiti UniFi OS without specific CVE numbers; technical detail level and exploitation status are currently unclear.

High
A3
20

7-Zip: Multiple Vulnerabilities

The BSI warns of multiple vulnerabilities in 7-Zip that can be exploited by simply opening manipulated archives and enable code execution.

High
NEW Woodgnat C3
17

New 'Mistic' RAT Opens Door to Several Ransomware Families

Woodgnat group actively uses the new Mistic RAT to distribute multiple ransomware families (Qilin, Rhysida, Akira, Black Basta), combining technical exploits with social engineering techniques like ClickFix.

High
NEW A3
0

[UPDATE] Linux Kernel: Multiple Vulnerabilities

BSI alert on multiple unspecified Linux Kernel vulnerabilities without CVE details complicates prioritisation; details and affected versions must be retrieved from the full BSI advisory.

Medium
A3
0

Microsoft Patch Day May 2026

Monthly patch summary without specification of individual CVEs or active exploits , routine update announcement.

Medium
ESC