Skip to content
Auto-CTI

What has changed?

Comparing 12 July 2026 with the previous day 11 July 2026.

Newly added

3
NEW A2
100

CVE-2026-58596

Network-based privilege escalation in Microsoft Edge allows attackers to gain system privileges remotely without user interaction.

Critical CVSS 8.3 EPSS 0%
NEW ToddyCat B3
75

ToddyCat: your hidden email assistant. Part 2

ToddyCat develops specialized tools (Umbrij) to bypass EPP/EDR solutions through OAuth token theft via remote debugging port , an advanced technique for silent email compromise.

Critical

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

13
KEV C1
67

'Djinn' Stealer Targets Cloud, AI Credentials

The campaign demonstrates that attackers leverage RMM tools as entry points to steal cloud and AI credentials using admin privileges, enabling broad network compromise.

High CVSS 10.0 EPSS 1%
Iran, Russia, China (nation-states) C3
85

Iran, Russia, China Target Water Systems for Sabotage

State-sponsored APT groups exploit simple attack vectors such as weak passwords and lack of network segmentation rather than sophisticated malware,an operational concern for European manufacturing facilities with similar OT configurations.

Critical
NEW C3
80

Comment: The BSI must not become the BND's zero-day supplier

The draft intelligence service law reform could force the BSI to hand over zero-day vulnerabilities to the BND,a step that could endanger the cybersecurity of German organisations if flaws are not promptly disclosed to vendors.

Critical
ESC