2026-05-12-cd1ab844
One pipeline fire, in full · intel run of 2026-05-12 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-05-12/2026-05-12-cd1ab844.md.
Run telemetry
- Items returned
- 3
- Duration
- 7m 59s
- Tool calls
- 15 WebFetch16 WebSearch9 bridge
- Cited sources
- 6 of 28 in slice
- Items returned
- 3
- Duration
- 9m 32s
- Tool calls
- 14 WebFetch18 WebSearch8 bridge
- Cited sources
- 7 of 43 in slice
- Items returned
- 5
- Duration
- 10m 42s
- Tool calls
- 18 WebFetch18 WebSearch4 bridge
- Cited sources
- 9 of 64 in slice
- Items returned
- 4
- Duration
- 9m 16s
- Tool calls
- 22 WebFetch21 WebSearch3 bridge
- Cited sources
- 9 of 23 in slice
Verification
Deep dive
2026-05-12/gtig-ai-threat-tracker-may-2026-first-confirmed-ai-generated
Entries published (this run)
- ICO fines South Staffordshire Water £963,900 — water-sector OES with partial SIEM coverage; Cl0p attribution and ZeroLogon kill-chain detail sourced to The Record incident high
- BKA and ZIT dismantle relaunched Crimenetwork darknet marketplace; German operator arrested in Mallorca on European Arrest Warrant incident high
- West Pharmaceutical Services files SEC Form 8-K Item 1.05 — data exfiltrated, systems encrypted, global operations partially restarted incident notable
- Škoda Auto Deutschland online-shop breach exposes customer PII and password hashes; logging gap prevents exfiltration confirmation incident notable
- Palo Alto PAN-OS CVE-2026-0300 — first-wave fixed builds now scheduled for 2026-05-13; until then interim mitigation remains the only option vulnerability high
- Instructure (Canvas LMS) — ransom paid to ShinyHunters with "shred logs"; second intrusion confirmed; per-institution leak deadline reset to today incident high update
- TeamPCP (UNC6780 / PCPJack ecosystem) backdoors the Checkmarx Jenkins AST plugin — third Checkmarx supply-chain compromise in three months, SANDCLOCK exfiltrates every CI secret reachable from the runner vulnerability high
- GTIG AI Threat Tracker (May 2026): First Confirmed AI-Generated Zero-Day Exploit ITW and the Behavioural Class of AI-Augmented Malware threat high
Sources changed (this run)
Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.
No source-list edits recorded for this run.
Coverage gaps (this run)
Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)
| Source (uncovered) | URL tried | Method chain | Status / class | What the agent did instead |
|---|---|---|---|---|
| cisa-kev covered via alternate · should NOT be in this list | https://www.cisa.gov/known-exploited-vulnerabilities-catalog | bridge:cisa-kev | 200 Bridge fetched OK; no new KEV additions in window. | bridge:cisa-kev → 200 OK |
| ncsc-ch-security-hub covered via alternate · should NOT be in this list | https://security-hub.ncsc.admin.ch/api/posts/recent | bridge:ncsc-csh.recent → bridge:ncsc-csh.post | 200 Bridge fetched OK; latest posts 12548 / 12551 are from 2026-05-08, no new posts in window. | bridge → 200 OK |
| enisa-euvd covered via alternate · should NOT be in this list | https://euvd.enisa.europa.eu/api/recent | bridge:enisa-euvd.recent | 200 `recent lastvulnerabilities` returned only low-severity XSS items in window; `criticals` and `exploited` returned only items already covered. | bridge → 200 OK; coverage gap is no-new-content rather than transport failure |
| bleepingcomputer covered via alternate · should NOT be in this list | https://www.bleepingcomputer.com/news/security/trellix-source-code-breach-claime | webfetch | 403 transport-403 Article-level 403; listing page returns 200. | Used thehackernews.com and trellix.com/statement/ as alternates. |
| darkreading covered via alternate · should NOT be in this list | https://www.darkreading.com/cyberattacks-data-breaches/shinyhunters-second-attac | webfetch | 403 transport-403 Article-level 403. | Infosecurity Magazine + Inside Higher Ed + The Register provided equivalent coverage. |
| databreaches-net | n/a (Cloudflare Managed Challenge documented) | bridge:url → websearch | 200 robots-blocked Bridge attempted via `python3 tools/fetch_source.py url ...` — Cloudflare Managed Challenge cannot be bypassed by any UA the bridge can construct; per allow-lis | WebSearch fallback used; no unique items surfaced. |
| inside-it-ch | n/a (Cloudflare Managed Challenge documented) | bridge:url → websearch | 200 robots-blocked Bridge attempted via `python3 tools/fetch_source.py url ...` — Cloudflare Managed Challenge cannot be bypassed by any UA the bridge can construct; per allow-lis | WebSearch fallback used; no unique items surfaced. |
| hub.ivanti.com covered via alternate · should NOT be in this list | https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Mana | bridge:url | 403 transport-403 fetch_source: refused: host 'hub.ivanti.com' is not in the allow-list | Recovered via NCSC-CH post 12548, CERTFR-2026-AVI-0552, NCSC-NL CSAF, news outlets. |
| downloads.seppmail.com covered via alternate · should NOT be in this list | https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#security | bridge:url | 403 transport-403 fetch_source: refused: host not in allow-list | Recovered via CIRCL vulnerability-lookup + NCSC-CH post 12551 (item ultimately not used; already covered as 2026-05-09 deep dive). |
| ccb.belgium.be covered via alternate · should NOT be in this list | https://ccb.belgium.be/advisories/warning-authenticated-remote-code-execution-vu | bridge:url | 403 transport-403 fetch_source: refused: host not in allow-list | Ivanti EPMM coverage recovered via multiple alternate sources. |
| advisories-ncsc-nl covered via alternate · should NOT be in this list | https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0384.json | bridge:ncsc-nl.csaf | 404 transport-404 Upstream 404 on NCSC-2026-0384, 0399, 0400, 0401; NCSC-2026-0135 fetched OK. | NCSC-2026-0135 (Ivanti EPMM) used; other IDs may be embargoed/unpublished. |
| connectwise-psirt | https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenc | webfetch | 200 transport-tls TLS certificate is not yet valid (host-side cert clock skew) | Item ultimately dropped per § 7 — KEV deadline alone does not drive coverage. |
| helpnetsecurity covered via alternate · should NOT be in this list | https://www.helpnetsecurity.com/2026/05/11/ico-south-staffordshire-cyberattack-f | webfetch | 429 rate-limited HTTP 429 Too Many Requests | The Record + The Register + ICO primary provided equivalent coverage. |
Verification findings · all iterations
Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.
Iteration #1 NEEDS_FIXES · 12 findings (truth=9, editorial=3, advisory=1) · Claude Opus 4.7 · 4m 10s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F4 hallucinated-fact | tldr-and-immediate-action | PAN-OS CVE-2026-0300 — 'first patch wave released today (2026-05-12)' | Brief asserts patches shipped 2026-05-12; cited PSIRT page last-updated 2026-05-07 lists first-wave ETA 05/13. No patch has been released per the cited source. | Dropped Immediate Action callout entirely; replaced TL;DR bullet to reflect 05/13 ETA; restructured PAN-OS coverage as § 4 UPDATE; rewrote § 6 Action Item to 'p fixed-clean |
| F4 hallucinated-fact | section-4-update-ivanti | CERT-FR ACT-021 named Dutch DPA + Council for the Judiciary as confirmed comprom | Verifier full-text fetch confirms CERT-FR names no organisations and reads 'Non spécifié par l'éditeur'; NCSC-NL also names no organisations. | Dropped § 4 Ivanti UPDATE entirely; logged drop in § 7; rolled back appearances in covered_items.json dropped-item |
| F4 hallucinated-fact | section-1-west-pharma | West Pharma '~11,000 staff across ~50 sites' | SEC 8-K filing contains no headcount; public sources say ~10,000. | Removed headcount and site count; rewrote to 'global manufacturer of drug-delivery and packaging components' fixed-clean |
| F4 hallucinated-fact | section-1-skoda | Škoda '200k+ user set' and 'bcrypt-class hashes' | Neither claim supported by cited sources; Škoda statement says only 'encrypted hashes' (no algorithm); SecurityWeek says affected count not disclosed. | Removed 200k+ and bcrypt-class specifics; rewrote to acknowledge undisclosed scope and algorithm with generic GPU-cracking-risk framing fixed-clean |
| F3 claim-not-supported | section-1-south-staffordshire | ICO attribution drift — ZeroLogon/two-DCs attributed to ICO instead of The Recor | ICO press release names no CVE or actor; ZeroLogon / two-DC framing comes from The Record's reporting. | Rewrote § 1 item to attribute regulator findings (inadequate vuln mgmt, unpatched critical systems, Windows Server 2003) to ICO; attributed ZeroLogon / two-DC k fixed-clean |
| F3 claim-not-supported | section-1-south-staffordshire | '4 TB' vs 4.1 TB; '1.85m customer-relationship records' vs 1.85m customers held | Paraphrase loses current/former distinction and conflates 633,887 published vs 1.85m held. | Corrected to 'over 4.1 TB' and 'about 1.85 million customers (approximately 750,000 current and 1.1 million former), of which 633,887 individuals had data publi fixed-clean |
| F3 claim-not-supported | section-1-crimenetwork | Crimenetwork '100,000-user community at time of December 2024 takedown' | No cited source mentions a 100,000-user count for the original December 2024 takedown. | Removed '100,000-user community at the time' clause from prose fixed-clean |
| F3 claim-not-supported | section-4-canvas-update | Canvas UPDATE claim 'FBI and CISA have issued advisories' cited Register / Inside Higher Ed / Infosecurity Magazine articles | None of the three cited sources mention FBI or CISA advisories. | Removed 'FBI and CISA have issued advisories' from the Canvas UPDATE body fixed-clean |
| F3 claim-not-supported | section-4-checkmarx-update | Checkmarx safe-version '2.0.13-848.v76e89de8a_053' not in cited advisory | Checkmarx ongoing-security-updates page only specifies 2.0.13-829.vc72453fa_1c16 as safe version. | Removed 2.0.13-848 reference; pinned recommendation to 2.0.13-829.vc72453fa_1c16 only in both § 4 UPDATE prose and § 6 Action Item fixed-clean |
| F6 strengthen-primary-source | pan-os-callout-and-tldr | CL-STA-1132 attribution and 2026-04-09 first-observed date attributed only to PS | PSIRT page does not mention CL-STA-1132 or 2026-04-09; those attributions live in Unit 42's separate threat bulletin. | Added Unit 42 — Captive Portal Zero-Day URL as Additional source in the new § 4 UPDATE and § 6 Action Item footers fixed-clean |
| F12 single-source-flag-missing | pan-os-callout | Immediate Action callout single-source on PSIRT (not national-CERT carve-out) | Callout cites only PSIRT; vendor PSIRT does not get the national-CERT carve-out. | Resolved by dropping the Immediate Action callout entirely (the structural F4 fix above subsumes this F12) fixed-clean |
| F11 editorial-advisory | section-7 | § 7 lists 6 tool/source issues while run_log records 13 fetch_failures (internal run-log telemetry) | Advisory only — § 7 hygiene point on whether to surface every fetch failure or summarise. | Left as advisory; § 7 surface remains a summary not a verbatim mirror of run_log.fetch_failures deferred |
Iteration #2 CLEAN · 1 finding (truth=0, editorial=0, advisory=1) · Claude Sonnet 4.6 · 6m 34s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F11 editorial-advisory | whole-brief | Single advisory finding only; verdict CLEAN | No truth or editorial defects identified; one F11 advisory observation only. | Advisory only — F11 alone never blocks CLEAN deferred |
Verification & coverage notes
The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.
Verification & coverage notesrun record body
2026-05-12-cd1ab844 · Claude Opus 4.7 · 8 entries published
Items dropped or held back
- Ivanti EPMM May 2026 chain (CVE-2026-6973 et al.) — § 4 UPDATE candidate, dropped after verifier check. S2 surfaced CERTFR-2026-ACT-021, 2026-05-11 framed around named Dutch public-sector victims (Autoriteit Persoonsgegevens, Raad voor de Rechtspraak) as the in-window delta justifying re-coverage. The Phase 5.7 verifier's re-fetch of CERT-FR ACT-021 (and NCSC-NL — Casus kwetsbaarheden Ivanti EPMM-systemen) confirms neither source names those organisations; CERT-FR's affected-systems table reads "Non spécifié par l'éditeur". Without the named-victims claim, the bulletin's only operational delta is a recommendation to rotate EPMM admin credentials as carry-over from the January 2026 chain — already covered in the 2026-05-09 daily. Per PD-8 + PD-13, no fresh material delta in window; dropped. The hallucinated named-victims claim is an example of research-sub-agent drift that the cold-reader verification caught at iteration 1.
- CVE-2024-1708 / CVE-2024-1709 — ConnectWise ScreenConnect path-traversal + auth-bypass chain (KEV deadline 2026-05-12). S1 surfaced again with Kimsuky (DPRK) / Storm-1175 (China-linked) / Medusa attribution. Both the underlying KEV addition (2026-04-28) and the actor-attribution article (The Hacker News, 2026-04-28) sit outside the 36 h recency window and were already considered and dropped in yesterday's brief on the same basis. Per PD-13, a KEV deadline arriving today is not in itself material new development. No fresh in-window ITW evidence, no fresh in-window research delta. Dropped.
- CVE-2026-0073 — Android
adbdwireless-ADB authentication-bypass (PoC public ~2026-05-11; vendor patch 2026-05-01). S1 surfaced with Penligent/Barghest research (in-window PoC disclosure) and the Android Security Bulletin May 2026. Strict § 2 gate not cleared: vector isAV:Aadjacent-network (over wireless ADB on TCP/5555), not internet-exposed; CVSS 8.8 below the ENISA EUVD CVSS-9 threshold; no ITW; not on the KEV catalogue at time of run. Dropped from § 2; logged here for the next brief if exploitation evidence emerges. The mitigation guidance is straightforward and not novel — MDM policies should disable wireless ADB globally on enrolled devices regardless of this CVE. - GLPI cluster (CVE-2026-32312 / 40108 / 42317 / 42318 / 42320 / 42321 / 5385). Already fully treated as § 2 entries in the 2026-05-10 daily; the CERT-FR ACT-021 weekly recap on 2026-05-11 does not add a material delta — instance counts, sectoral framing, and patch paths are unchanged. No re-coverage.
- SEPPmail Secure Email Gateway cluster (CVE-2026-44128 / 44125 / 44126 / 44127 / 44129 / 7864). Already the 2026-05-09 deep dive; S2 acknowledged the NCSC-CH security-hub post 12551 is ~44 h old and outside the strict 36 h window. No re-coverage.
- CB Financial Services (CBFV) SEC Form 8-K Item 1.05 (filing 2026-05-11 per S4 SEC EDGAR search). S4 could not retrieve the filing body (URL guess fell to 404); no corroborating press coverage was located. Community bank in Carmichaels, PA — limited systemic EU / Swiss relevance, and the filing-detail gap means we cannot quote the disclosure. Held back for tomorrow's brief once the filing body is reachable.
- Akamai SIRT "Shadow AI" LLM-malware post. Surfaced by S3 via search but the article's publication date is undetermined;
www.akamai.comis not on the bridge allow-list and WebFetch returned 403. Cannot establish in-window status; dropped.
Single-source / reduced-confidence items
- West Pharmaceutical Services SEC 8-K is
[SINGLE-SOURCE-OTHER]for press corroboration: the SEC filing itself is HIGH-reliability primary, but no tier-1 security press coverage was retrieved before the brief was composed (S4 found only FrenchBreaches.com, an aggregator). Confidence on the disclosure itself: HIGH. Confidence on attribution class (ransomware vs. other actor): MEDIUM — the SEC filing's wording strongly implies double-extortion ransomware but the company does not use the word. Included on the strength of the primary regulator filing. - Škoda Auto online shop breach is corroborated by SecurityWeek + Škoda's own vendor statement; no independent security-research source (Heise, Inside-IT, Le Monde, BKA / BfDI / Czech UOOU enforcement notice) was found before composition. Confidence on the disclosure itself: HIGH. Confidence on the data-exfiltration scope: MEDIUM by Škoda's own admission (logging gap).
- ConnectWise ScreenConnect note (above) also relies on
cybernews.comand the vendor PSIRT URL, both of which failed to fetch in this run; we are not including the item, but we note that the trust-cert issue on the ConnectWise PSIRT URL is a transport-side recurring problem that we have not yet logged for the bridge fetcher allow-list expansion.
Contradictions / ambiguities
- Instructure Canvas "data destruction" claim from ShinyHunters. Instructure's own communication frames receipt of "shred logs" as digital confirmation of deletion; security-research community framing in The Register and Infosecurity Magazine is that ransomware-actor "shred log" artefacts are unverifiable. We follow the security-research framing in the brief because (a) it matches established practice for breach-notification scope decisions under GDPR / Swiss DSG, and (b) the second intrusion on 2026-05-07 and the per-institution deadline reset for today demonstrate that the actor's word is not a forensic primitive.
Sub-agents
- S1 (Claude Sonnet 4.6, 479 s): returned 3 items + CVE summary table. 1 item kept as Immediate Action callout (PAN-OS UPDATE); 2 items dropped (ScreenConnect out-of-window per yesterday's decision; Android adbd § 2 gate). Telemetry: webfetch=15, websearch=16, bridge=9. URL-liveness cache populated.
- S2 (Claude Sonnet 4.6, 572 s): returned 3 items. 1 item kept as § 4 UPDATE (Ivanti EPMM CERT-FR ACT-021 + named EU public-sector victims); 2 items already-covered (GLPI 2026-05-10; SEPPmail 2026-05-09 deep dive). Bridge-mandatory hosts NCSC-CH security-hub (12548 + 12551) and ENISA EUVD fetched cleanly via the bridge subcommands. Telemetry: webfetch=14, websearch=18, bridge=8.
- S3 (Claude Sonnet 4.6, 642 s): returned 5 items. 2 items kept (GTIG AI Threat Tracker as § 5 Deep Dive per PD-9 annual-report rule; TeamPCP Checkmarx Jenkins as § 4 UPDATE). 2 items duplicated with S4 (Canvas/Instructure ransom-paid; Škoda online-shop breach — merged with S4 framing). 1 item duplicated with S1 (Trellix source-code coverage — already covered 2026-05-10). Telemetry: webfetch=18, websearch=18, bridge=4.
- S4 (Claude Sonnet 4.6, 556 s): returned 4 items. 3 items kept (ICO South Staffordshire fine; West Pharma SEC 8-K; Škoda online shop). 1 item duplicated with S3 (Canvas/Instructure UPDATE — merged). Telemetry: webfetch=22, websearch=21, bridge=3.
Tool / source issues observed
hub.ivanti.com,downloads.seppmail.com,ccb.belgium.beare not on thetools/fetch_source.pybridge allow-list — bridge attempts on these hosts returnrefused: host '...' is not in the allow-list. Direct WebFetch returns 403 onhub.ivanti.com. Coverage is recovered via NCSC-CH security-hub, CERT-FR, and CIRCLvulnerability.circl.lu, but adding these three hosts to the bridge allow-list would remove a recurring single-point coverage risk on Ivanti, SEPPmail, and Belgian-CCB advisories.bleepingcomputerarticle-level URLs continue to 403 on direct WebFetch; bridgeurlreturns 200 with SPA-empty body. Listing-level URLs work. No change since 2026-05-11.advisories-ncsc-nlCSAF bridge — S2 recorded 404 on several recent advisory IDs (NCSC-2026-0384, 0399, 0400, 0401); NCSC-2026-0135 (Ivanti EPMM) fetched cleanly. The NameError that broke yesterday's bridge call is gone; the new mode is upstream 404 on advisory IDs that are presumably embargoed or never published. Worth tracking.research.nccgroup.comis not on the bridge allow-list (S3 attempted via bridgeurl; refused).darkreadingarticle-level URLs continue to 403 on direct WebFetch (S3, S4 both hit this).databreaches-netCloudflare Managed Challenge confirmed again; WebSearch fallback used per allow-list, no in-window items surfaced.
Recency window
gap_hours = 24(prior briefbriefs/2026-05-11.md).window_hours = 36;developing_window_hours = 72.
Coverage gaps
Coverage gaps: cisa-kev (bridge OK; no new KEV additions in window 2026-05-11 / 2026-05-12); enisa-euvd (bridge OK; recent lastvulnerabilities returned only low-severity XSS, criticals and exploited only items already covered); ncsc-ch-security-hub (bridge OK; latest posts 12548 + 12551 are 2026-05-08 and already absorbed into S2 returns; no new posts in window); bsi-de (RSS OK; in-window items routine — Linux kernel, libxml2, NGINX, IBM); cert-pl, cert-at, csirt-acn-it (not fetched in this run — rotation candidates for tomorrow); cert-eu (no advisory 2026-007 yet — 2026-006 was the last published); ccn-cert-es (demoted source, not fetched); cnil-fr, edpb, aepd, garante (no in-window enforcement / breach decisions found); ico-uk (sitemap bridge fetched; the South Staffordshire action was the only new enforcement in window); inside-it-ch (Cloudflare-blocked — WebSearch fallback used, no S2 items surfaced); databreaches-net (Cloudflare-blocked — WebSearch fallback, no items); sec-edgar (CB Financial CBFV 8-K Item 1.05 filed 2026-05-11 but filing body not retrievable from EDGAR URL guess — see drops above); hub.ivanti.com, downloads.seppmail.com, ccb.belgium.be, research.nccgroup.com, akamai-sirt — bridge allow-list expansion candidates.
Migrated from briefs/2026-05-12.md (v2).
← Operations dashboard · day page 2026-05-12 · run-record contract: docs/pipeline.md