Skip to content
Auto-CTI

What has changed?

Comparing 27 June 2026 with the previous day 20 June 2026.

Newly added

4
NEW Russian Intelligence Services C3
85

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Russian intelligence services are conducting a targeted campaign using fake SMS messages to steal credentials from Ukrainian and European government officials, military personnel, and activists , a strategic threat pattern for DACH organizations in government and critical infrastructure sectors.

Critical
NEW Russian intelligence services C3
75

FBI: Russian hackers now target Signal backup recovery keys

Russian intelligence services are expanding their Signal-targeted phishing campaigns to extract Backup Recovery Keys, enabling access to historical messages and compromising the security of encrypted communications within organizations.

Critical

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

57
NEW A2
100

CVE-2026-54130

An authentication bypass in M365 Copilot permits unauthorized access to sensitive information over the network without legitimate credentials.

Critical CVSS 9.8 EPSS 0%
NEW A2
100

CVE-2026-45480

An authentication flaw in Azure AD enables remote privilege escalation; this affects organizations relying on Microsoft Entra ID for identity management, especially in distributed access scenarios (RDP, VPN, cloud services).

Critical CVSS 10.0 EPSS 0%
NEW A2
90

CVE-2026-48582

An authentication gap in Microsoft Exchange Online allows authorized attackers to escalate privileges over the network, with no prior disclosure or active exploitation reported.

Critical CVSS 9.6 EPSS 0%
NEW A2
87

CVE-2026-42488

A memory corruption vulnerability in Xen shadow paging can lead to mapcache inconsistencies when vCPU references are not updated after page-table switches.

Critical CVSS 8.1 EPSS 0%
Screening Serpens B3
85

Tracking Iranian APT Screening Serpens' 2026 Espionage Campaigns

Iranian APT Screening Serpens deploys updated MiniJunk V2 malware with advanced defense evasion techniques (.NET AppDomainManager) for espionage against European targets, signaling elevated activity against EU/DACH infrastructure.

Critical
B3
75

25th May , Threat Intelligence Report

Two actively exploited Windows Defender flaws (privilege escalation and denial of service) are being weaponized in the wild, coinciding with a documented 124% surge in hacktivism and ransomware targeting DACH organizations in 2025.

Critical
NEW A2
50

CVE-2026-1288

A NULL pointer dereference in Revit's RFA-to-FormIt conversion can cause application crashes, but impacts only availability, not data integrity or code execution.

Medium CVSS 5.5 EPSS 0%
NEW A3
20

Adobe Creative Cloud Applications: Multiple Vulnerabilities

The BSI warns of multiple unspecified vulnerabilities in Adobe Creative Cloud without naming individual CVEs or version numbers; this indicates an aggregated security notice but requires cross-reference with Adobe security bulletins for specific affected versions.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

BSI warns of multiple OpenSSL vulnerabilities with varying impacts (DoS, information disclosure); specific CVE numbers and CVSS scores are required for prioritization.

High
A3
20

7-Zip: Vulnerability Enables Code Execution

A code-execution vulnerability in 7-Zip affecting NTFS archive processing requires user interaction for exploitation; this poses a risk to systems where 7-Zip is deployed for file management.

High
NEW B3
15

Threat Brief: Mitigating Large-Scale Credential Attacks

Unit 42 documents an active large-scale campaign using password spraying attacks against Fortinet, Sophos, and MSSQL services for initial access; threat actors extract configurations and target authentication mechanisms.

High
A3
0

Microsoft Patchday April 2026

Routine BSI patch advisory without specific CVE details or active exploitation; requires standard patch process.

Medium
ESC