Skip to content
Auto-CTI

What has changed?

Comparing 13 July 2026 with the previous day 12 July 2026.

Newly added

18
NEW Turla C3
90

Severe cyber attacks and sabotage: EU sanctions Russia

EU sanctions confirm an ongoing, coordinated Russian cyber-attack ecosystem comprising intelligence services, cybercriminals, and hacktivists with documented access to European defense ministries and industrial enterprises.

Critical
NEW Russia (state-sponsored) C3
85

US and allies warn of Russian critical infrastructure attacks

Coordinated warning from Western allies of Russian critical infrastructure attacks signals escalated cyber-warfare activity with potential implications for European industrial operations and supply chains.

Critical
NEW Russia (state-sponsored) C3
80

Weak Security Continues to Fuel Russian Cyberattacks

First joint UK-EU sanctions against Russian cyber actors signal escalation of coordinated Western response to state-sponsored Russian cyber and disinformation campaigns, with direct implications for European critical infrastructure.

Critical
NEW A3
20

[UPDATE] Google Chrome: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in Chrome enabling active exploitation; as Chrome is widely deployed, timely patching to the released fix version should be prioritized.

High
NEW C3
20

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Forg365 demonstrates the industrialization of phishing-as-a-service with AI-assisted lure generation, SMTP rotation via Amazon SES/Twilio SendGrid, and post-compromise mailbox operations for under €400 per month, enabling even low-skill threat actors to orchestrate scaled campaigns against Microsoft 365.

High
NEW A3
20

Microsoft Edge: Multiple Vulnerabilities

BSI warns of multiple unspecified vulnerabilities in Microsoft Edge enabling code execution and privilege escalation; exploitation requires user interaction.

High
B3
0

What's new in Microsoft Security: June 2026

Microsoft introduces AI-powered security tools (MDASH for vulnerability scanning, extended threat detection for databases, Entra Backup) relevant to organizations with hybrid-cloud and multi-cloud infrastructure.

Low

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

3
NEW A2
100

CVE-2026-58596

Network-based privilege escalation in Microsoft Edge allows attackers to gain system privileges remotely without user interaction.

Critical CVSS 8.3 EPSS 0%
NEW ToddyCat B3
75

ToddyCat: your hidden email assistant. Part 2

ToddyCat develops specialized tools (Umbrij) to bypass EPP/EDR solutions through OAuth token theft via remote debugging port , an advanced technique for silent email compromise.

Critical
ESC