Skip to content
Auto-CTI

What has changed?

Comparing 4 July 2026 with the previous day 27 June 2026.

Newly added

17
StrikeShark B3
12

StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader

A previously undocumented malware family (SharkLoader) is being deployed in a multinational campaign targeting government and diplomatic organizations to deliver Cobalt Strike Beacon; the threat actor leverages publicly available exploits against internet-facing applications such as Microsoft Exchange and SharePoint.

High

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

4
NEW Russian Intelligence Services C3
85

Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials

Russian intelligence services are conducting a targeted campaign using fake SMS messages to steal credentials from Ukrainian and European government officials, military personnel, and activists , a strategic threat pattern for DACH organizations in government and critical infrastructure sectors.

Critical
NEW Russian intelligence services C3
75

FBI: Russian hackers now target Signal backup recovery keys

Russian intelligence services are expanding their Signal-targeted phishing campaigns to extract Backup Recovery Keys, enabling access to historical messages and compromising the security of encrypted communications within organizations.

Critical
ESC