Skip to content
Auto-CTI

What has changed?

Comparing 2 July 2026 with the previous day 1 July 2026.

Newly added

28
APT29 (Cloaked Ursa, Cozy Bear, Midnight Blizzard), UNC6692 B3
85

When "Hi, This Is IT" Comes Through Microsoft Teams

State-sponsored threat actors (APT29/Cloaked Ursa, UNC6692) are actively using compromised Microsoft Teams accounts to impersonate IT support and harvest credentials with documented success against targeted organizations.

Critical
A3
0

Google Chrome: Multiple Vulnerabilities

The BSI warns of multiple undisclosed vulnerabilities in Google Chrome; details are not yet published, complicating timely patch monitoring.

Medium

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

111
NEW A2
98

CVE-2026-50521

The vulnerability requires prior network authorization and is covered by standard NVD reporting without active exploitation or geopolitical dimension.

Critical CVSS 8.3 EPSS 0%
B3
75

25th May , Threat Intelligence Report

Check Point documents a 124% surge in hacktivism and ransomware across Germany, Austria, and Switzerland in 2025,a strategically significant shift in the DACH threat landscape for manufacturing organizations.

Critical
A3
20

[UPDATE] GNU libc: Multiple Vulnerabilities

BSI alert on multiple GNU libc vulnerabilities with broad impact on all Linux systems in production environments; urgency and details depend on the severity level of the underlying CVEs.

High
A3
20

Ubiquiti UniFi OS Server: Multiple Vulnerabilities

BSI warns of multiple critical vulnerabilities in Ubiquiti UniFi OS Server enabling remote code execution and data compromise , a direct threat to network infrastructure requiring urgent patching.

High
NEW C3
20

Massive Password Spray Campaign Targeting Azure CLI

Massive credential-spraying attack with 81 million login attempts against Azure CLI indicates coordinated attacks on cloud infrastructure; LSHIY hosting provider as attack infrastructure suggests organized threat actors.

High
A3
20

[UPDATE] OpenSSL: Multiple Vulnerabilities

The BSI warning describes multiple OpenSSL vulnerabilities without specific CVE designations or severity levels , a typical aggregated security alert for critical infrastructure, but requires clarification for prioritization.

High
A3
20

7-Zip: Vulnerability Enables Code Execution

A newly discovered RCE vulnerability in 7-Zip when processing NTFS archives requires user interaction but poses significant risk in manufacturing environments where archives are frequently exchanged.

High
NEW B3
12

ARToken: Inside an EvilTokens affiliate panel targeting Microsoft 365

ARToken is a fully automated PhaaS panel with 80+ API endpoints for targeted Microsoft 365 phishing, including persistent token acquisition via Microsoft Authentication Broker and SharePoint exfiltration , an escalated threat model compared to earlier EvilTokens reporting.

High
A3
0

Microsoft Edge: Multiple Vulnerabilities

The advisory contains no CVE numbers or specific vulnerability details; this is a generic precautionary notice without current exploitation evidence.

Medium
ESC