Skip to content
Auto-CTI

What has changed?

Comparing 13 July 2026 with the previous day 6 July 2026.

Newly added

18
NEW Turla C3
90

Severe cyber attacks and sabotage: EU sanctions Russia

EU sanctions confirm an ongoing, coordinated Russian cyber-attack ecosystem comprising intelligence services, cybercriminals, and hacktivists with documented access to European defense ministries and industrial enterprises.

Critical
NEW Russia (state-sponsored) C3
85

US and allies warn of Russian critical infrastructure attacks

Coordinated warning from Western allies of Russian critical infrastructure attacks signals escalated cyber-warfare activity with potential implications for European industrial operations and supply chains.

Critical
NEW Russia (state-sponsored) C3
80

Weak Security Continues to Fuel Russian Cyberattacks

First joint UK-EU sanctions against Russian cyber actors signal escalation of coordinated Western response to state-sponsored Russian cyber and disinformation campaigns, with direct implications for European critical infrastructure.

Critical
NEW A3
20

[UPDATE] Google Chrome: Multiple Vulnerabilities

BSI warns of multiple vulnerabilities in Chrome enabling active exploitation; as Chrome is widely deployed, timely patching to the released fix version should be prioritized.

High
NEW C3
20

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft

Forg365 demonstrates the industrialization of phishing-as-a-service with AI-assisted lure generation, SMTP rotation via Amazon SES/Twilio SendGrid, and post-compromise mailbox operations for under €400 per month, enabling even low-skill threat actors to orchestrate scaled campaigns against Microsoft 365.

High
NEW A3
20

Microsoft Edge: Multiple Vulnerabilities

BSI warns of multiple unspecified vulnerabilities in Microsoft Edge enabling code execution and privilege escalation; exploitation requires user interaction.

High
B3
0

What's new in Microsoft Security: June 2026

Microsoft introduces AI-powered security tools (MDASH for vulnerability scanning, extended threat detection for databases, Entra Backup) relevant to organizations with hybrid-cloud and multi-cloud infrastructure.

Low

Newly KEV-listed

0

No changes in this category.

Score moved

0

No changes in this category.

No longer in report

12
Chinese state-sponsored group (unnamed by Anthropic; September 2025 campaign) B3
75

Hypersonic Supply Chain Attacks: One Solution That Didn't Need to Know the Payload

Chinese state-sponsored actors conducted an AI-assisted espionage campaign against approximately 30 organizations in September 2025, with the AI system autonomously executing 80,90% of tactical operations and reducing human decision-making to only 4,6 points per campaign.

Critical
NEW PolinRider (North Korea-aligned) B3
70

6th July , Threat Intelligence Report

North Korea-aligned PolinRider campaign distributes 100+ malicious packages across open-source registries and Chrome extensions; targets developer supply chains critical to manufacturing environments (CAD, ERP integrations).

High
ESC