ctipilot.ch

2026-05-12-cd1ab844

One pipeline fire, in full · intel run of 2026-05-12 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-05-12/2026-05-12-cd1ab844.md.

Run telemetry

2026-05-12-cd1ab844 intel prompt v2.50
23m 51s duration 8 published 1 updates
Claude Opus 4.7 (claude-opus-4-7) main agent
S1 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
3
Duration
7m 59s
Tool calls
15 WebFetch16 WebSearch9 bridge
Cited sources
6 of 28 in slice
S2 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
3
Duration
9m 32s
Tool calls
14 WebFetch18 WebSearch8 bridge
Cited sources
7 of 43 in slice
S3 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
5
Duration
10m 42s
Tool calls
18 WebFetch18 WebSearch4 bridge
Cited sources
9 of 64 in slice
S4 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
4
Duration
9m 16s
Tool calls
22 WebFetch21 WebSearch3 bridge
Cited sources
9 of 23 in slice

Verification

#1 NEEDS_FIXES · Anthropic Claude (Opus 4.7, 1M context) · t=9 e=3 a=1 #2 CLEAN · Claude Sonnet 4.6 · t=0 e=0 a=1

Deep dive

2026-05-12/gtig-ai-threat-tracker-may-2026-first-confirmed-ai-generated

Sources changed (this run)

Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.

No source-list edits recorded for this run.

Coverage gaps (this run)

Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)

Source (uncovered)URL triedMethod chainStatus / classWhat the agent did instead
cisa-kev
covered via alternate · should NOT be in this list
https://www.cisa.gov/known-exploited-vulnerabilities-catalogbridge:cisa-kev200
Bridge fetched OK; no new KEV additions in window.
bridge:cisa-kev → 200 OK
ncsc-ch-security-hub
covered via alternate · should NOT be in this list
https://security-hub.ncsc.admin.ch/api/posts/recentbridge:ncsc-csh.recentbridge:ncsc-csh.post200
Bridge fetched OK; latest posts 12548 / 12551 are from 2026-05-08, no new posts in window.
bridge → 200 OK
enisa-euvd
covered via alternate · should NOT be in this list
https://euvd.enisa.europa.eu/api/recentbridge:enisa-euvd.recent200
`recent lastvulnerabilities` returned only low-severity XSS items in window; `criticals` and `exploited` returned only items already covered.
bridge → 200 OK; coverage gap is no-new-content rather than transport failure
bleepingcomputer
covered via alternate · should NOT be in this list
https://www.bleepingcomputer.com/news/security/trellix-source-code-breach-claimewebfetch403 transport-403
Article-level 403; listing page returns 200.
Used thehackernews.com and trellix.com/statement/ as alternates.
darkreading
covered via alternate · should NOT be in this list
https://www.darkreading.com/cyberattacks-data-breaches/shinyhunters-second-attacwebfetch403 transport-403
Article-level 403.
Infosecurity Magazine + Inside Higher Ed + The Register provided equivalent coverage.
databreaches-netn/a (Cloudflare Managed Challenge documented)bridge:urlwebsearch200 robots-blocked
Bridge attempted via `python3 tools/fetch_source.py url ...` — Cloudflare Managed Challenge cannot be bypassed by any UA the bridge can construct; per allow-lis
WebSearch fallback used; no unique items surfaced.
inside-it-chn/a (Cloudflare Managed Challenge documented)bridge:urlwebsearch200 robots-blocked
Bridge attempted via `python3 tools/fetch_source.py url ...` — Cloudflare Managed Challenge cannot be bypassed by any UA the bridge can construct; per allow-lis
WebSearch fallback used; no unique items surfaced.
hub.ivanti.com
covered via alternate · should NOT be in this list
https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manabridge:url403 transport-403
fetch_source: refused: host 'hub.ivanti.com' is not in the allow-list
Recovered via NCSC-CH post 12548, CERTFR-2026-AVI-0552, NCSC-NL CSAF, news outlets.
downloads.seppmail.com
covered via alternate · should NOT be in this list
https://downloads.seppmail.com/extrelnotes/150/ERN15.0.html#securitybridge:url403 transport-403
fetch_source: refused: host not in allow-list
Recovered via CIRCL vulnerability-lookup + NCSC-CH post 12551 (item ultimately not used; already covered as 2026-05-09 deep dive).
ccb.belgium.be
covered via alternate · should NOT be in this list
https://ccb.belgium.be/advisories/warning-authenticated-remote-code-execution-vubridge:url403 transport-403
fetch_source: refused: host not in allow-list
Ivanti EPMM coverage recovered via multiple alternate sources.
advisories-ncsc-nl
covered via alternate · should NOT be in this list
https://advisories.ncsc.nl/csaf/v2/2026/ncsc-2026-0384.jsonbridge:ncsc-nl.csaf404 transport-404
Upstream 404 on NCSC-2026-0384, 0399, 0400, 0401; NCSC-2026-0135 fetched OK.
NCSC-2026-0135 (Ivanti EPMM) used; other IDs may be embargoed/unpublished.
connectwise-psirthttps://www.connectwise.com/company/trust/security-bulletins/connectwise-screencwebfetch200 transport-tls
TLS certificate is not yet valid (host-side cert clock skew)
Item ultimately dropped per § 7 — KEV deadline alone does not drive coverage.
helpnetsecurity
covered via alternate · should NOT be in this list
https://www.helpnetsecurity.com/2026/05/11/ico-south-staffordshire-cyberattack-fwebfetch429 rate-limited
HTTP 429 Too Many Requests
The Record + The Register + ICO primary provided equivalent coverage.

Verification findings · all iterations

Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.

Iteration #1 NEEDS_FIXES · 12 findings (truth=9, editorial=3, advisory=1) · Claude Opus 4.7 · 4m 10s

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F4
hallucinated-fact
tldr-and-immediate-actionPAN-OS CVE-2026-0300 — 'first patch wave released today (2026-05-12)'Brief asserts patches shipped 2026-05-12; cited PSIRT page last-updated 2026-05-07 lists first-wave ETA 05/13. No patch has been released per the cited source.Dropped Immediate Action callout entirely; replaced TL;DR bullet to reflect 05/13 ETA; restructured PAN-OS coverage as § 4 UPDATE; rewrote § 6 Action Item to 'p fixed-clean
F4
hallucinated-fact
section-4-update-ivantiCERT-FR ACT-021 named Dutch DPA + Council for the Judiciary as confirmed compromVerifier full-text fetch confirms CERT-FR names no organisations and reads 'Non spécifié par l'éditeur'; NCSC-NL also names no organisations.Dropped § 4 Ivanti UPDATE entirely; logged drop in § 7; rolled back appearances in covered_items.json dropped-item
F4
hallucinated-fact
section-1-west-pharmaWest Pharma '~11,000 staff across ~50 sites'SEC 8-K filing contains no headcount; public sources say ~10,000.Removed headcount and site count; rewrote to 'global manufacturer of drug-delivery and packaging components' fixed-clean
F4
hallucinated-fact
section-1-skodaŠkoda '200k+ user set' and 'bcrypt-class hashes'Neither claim supported by cited sources; Škoda statement says only 'encrypted hashes' (no algorithm); SecurityWeek says affected count not disclosed.Removed 200k+ and bcrypt-class specifics; rewrote to acknowledge undisclosed scope and algorithm with generic GPU-cracking-risk framing fixed-clean
F3
claim-not-supported
section-1-south-staffordshireICO attribution drift — ZeroLogon/two-DCs attributed to ICO instead of The RecorICO press release names no CVE or actor; ZeroLogon / two-DC framing comes from The Record's reporting.Rewrote § 1 item to attribute regulator findings (inadequate vuln mgmt, unpatched critical systems, Windows Server 2003) to ICO; attributed ZeroLogon / two-DC k fixed-clean
F3
claim-not-supported
section-1-south-staffordshire'4 TB' vs 4.1 TB; '1.85m customer-relationship records' vs 1.85m customers held Paraphrase loses current/former distinction and conflates 633,887 published vs 1.85m held.Corrected to 'over 4.1 TB' and 'about 1.85 million customers (approximately 750,000 current and 1.1 million former), of which 633,887 individuals had data publi fixed-clean
F3
claim-not-supported
section-1-crimenetworkCrimenetwork '100,000-user community at time of December 2024 takedown'No cited source mentions a 100,000-user count for the original December 2024 takedown.Removed '100,000-user community at the time' clause from prose fixed-clean
F3
claim-not-supported
section-4-canvas-updateCanvas UPDATE claim 'FBI and CISA have issued advisories'
cited Register / Inside Higher Ed / Infosecurity Magazine articles
None of the three cited sources mention FBI or CISA advisories.Removed 'FBI and CISA have issued advisories' from the Canvas UPDATE body fixed-clean
F3
claim-not-supported
section-4-checkmarx-updateCheckmarx safe-version '2.0.13-848.v76e89de8a_053' not in cited advisoryCheckmarx ongoing-security-updates page only specifies 2.0.13-829.vc72453fa_1c16 as safe version.Removed 2.0.13-848 reference; pinned recommendation to 2.0.13-829.vc72453fa_1c16 only in both § 4 UPDATE prose and § 6 Action Item fixed-clean
F6
strengthen-primary-source
pan-os-callout-and-tldrCL-STA-1132 attribution and 2026-04-09 first-observed date attributed only to PSPSIRT page does not mention CL-STA-1132 or 2026-04-09; those attributions live in Unit 42's separate threat bulletin.Added Unit 42 — Captive Portal Zero-Day URL as Additional source in the new § 4 UPDATE and § 6 Action Item footers fixed-clean
F12
single-source-flag-missing
pan-os-calloutImmediate Action callout single-source on PSIRT (not national-CERT carve-out)Callout cites only PSIRT; vendor PSIRT does not get the national-CERT carve-out.Resolved by dropping the Immediate Action callout entirely (the structural F4 fix above subsumes this F12) fixed-clean
F11
editorial-advisory
section-7§ 7 lists 6 tool/source issues while run_log records 13 fetch_failures
(internal run-log telemetry)
Advisory only — § 7 hygiene point on whether to surface every fetch failure or summarise.Left as advisory; § 7 surface remains a summary not a verbatim mirror of run_log.fetch_failures deferred

Iteration #2 CLEAN · 1 finding (truth=0, editorial=0, advisory=1) · Claude Sonnet 4.6 · 6m 34s

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F11
editorial-advisory
whole-briefSingle advisory finding only; verdict CLEAN
No truth or editorial defects identified; one F11 advisory observation only.Advisory only — F11 alone never blocks CLEAN deferred

Verification & coverage notes

The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.

Verification & coverage notesrun record body

2026-05-12-cd1ab844 · Claude Opus 4.7 · 8 entries published

Items dropped or held back

  • Ivanti EPMM May 2026 chain (CVE-2026-6973 et al.) — § 4 UPDATE candidate, dropped after verifier check. S2 surfaced CERTFR-2026-ACT-021, 2026-05-11 framed around named Dutch public-sector victims (Autoriteit Persoonsgegevens, Raad voor de Rechtspraak) as the in-window delta justifying re-coverage. The Phase 5.7 verifier's re-fetch of CERT-FR ACT-021 (and NCSC-NL — Casus kwetsbaarheden Ivanti EPMM-systemen) confirms neither source names those organisations; CERT-FR's affected-systems table reads "Non spécifié par l'éditeur". Without the named-victims claim, the bulletin's only operational delta is a recommendation to rotate EPMM admin credentials as carry-over from the January 2026 chain — already covered in the 2026-05-09 daily. Per PD-8 + PD-13, no fresh material delta in window; dropped. The hallucinated named-victims claim is an example of research-sub-agent drift that the cold-reader verification caught at iteration 1.
  • CVE-2024-1708 / CVE-2024-1709 — ConnectWise ScreenConnect path-traversal + auth-bypass chain (KEV deadline 2026-05-12). S1 surfaced again with Kimsuky (DPRK) / Storm-1175 (China-linked) / Medusa attribution. Both the underlying KEV addition (2026-04-28) and the actor-attribution article (The Hacker News, 2026-04-28) sit outside the 36 h recency window and were already considered and dropped in yesterday's brief on the same basis. Per PD-13, a KEV deadline arriving today is not in itself material new development. No fresh in-window ITW evidence, no fresh in-window research delta. Dropped.
  • CVE-2026-0073 — Android adbd wireless-ADB authentication-bypass (PoC public ~2026-05-11; vendor patch 2026-05-01). S1 surfaced with Penligent/Barghest research (in-window PoC disclosure) and the Android Security Bulletin May 2026. Strict § 2 gate not cleared: vector is AV:A adjacent-network (over wireless ADB on TCP/5555), not internet-exposed; CVSS 8.8 below the ENISA EUVD CVSS-9 threshold; no ITW; not on the KEV catalogue at time of run. Dropped from § 2; logged here for the next brief if exploitation evidence emerges. The mitigation guidance is straightforward and not novel — MDM policies should disable wireless ADB globally on enrolled devices regardless of this CVE.
  • GLPI cluster (CVE-2026-32312 / 40108 / 42317 / 42318 / 42320 / 42321 / 5385). Already fully treated as § 2 entries in the 2026-05-10 daily; the CERT-FR ACT-021 weekly recap on 2026-05-11 does not add a material delta — instance counts, sectoral framing, and patch paths are unchanged. No re-coverage.
  • SEPPmail Secure Email Gateway cluster (CVE-2026-44128 / 44125 / 44126 / 44127 / 44129 / 7864). Already the 2026-05-09 deep dive; S2 acknowledged the NCSC-CH security-hub post 12551 is ~44 h old and outside the strict 36 h window. No re-coverage.
  • CB Financial Services (CBFV) SEC Form 8-K Item 1.05 (filing 2026-05-11 per S4 SEC EDGAR search). S4 could not retrieve the filing body (URL guess fell to 404); no corroborating press coverage was located. Community bank in Carmichaels, PA — limited systemic EU / Swiss relevance, and the filing-detail gap means we cannot quote the disclosure. Held back for tomorrow's brief once the filing body is reachable.
  • Akamai SIRT "Shadow AI" LLM-malware post. Surfaced by S3 via search but the article's publication date is undetermined; www.akamai.com is not on the bridge allow-list and WebFetch returned 403. Cannot establish in-window status; dropped.

Single-source / reduced-confidence items

  • West Pharmaceutical Services SEC 8-K is [SINGLE-SOURCE-OTHER] for press corroboration: the SEC filing itself is HIGH-reliability primary, but no tier-1 security press coverage was retrieved before the brief was composed (S4 found only FrenchBreaches.com, an aggregator). Confidence on the disclosure itself: HIGH. Confidence on attribution class (ransomware vs. other actor): MEDIUM — the SEC filing's wording strongly implies double-extortion ransomware but the company does not use the word. Included on the strength of the primary regulator filing.
  • Škoda Auto online shop breach is corroborated by SecurityWeek + Škoda's own vendor statement; no independent security-research source (Heise, Inside-IT, Le Monde, BKA / BfDI / Czech UOOU enforcement notice) was found before composition. Confidence on the disclosure itself: HIGH. Confidence on the data-exfiltration scope: MEDIUM by Škoda's own admission (logging gap).
  • ConnectWise ScreenConnect note (above) also relies on cybernews.com and the vendor PSIRT URL, both of which failed to fetch in this run; we are not including the item, but we note that the trust-cert issue on the ConnectWise PSIRT URL is a transport-side recurring problem that we have not yet logged for the bridge fetcher allow-list expansion.

Contradictions / ambiguities

  • Instructure Canvas "data destruction" claim from ShinyHunters. Instructure's own communication frames receipt of "shred logs" as digital confirmation of deletion; security-research community framing in The Register and Infosecurity Magazine is that ransomware-actor "shred log" artefacts are unverifiable. We follow the security-research framing in the brief because (a) it matches established practice for breach-notification scope decisions under GDPR / Swiss DSG, and (b) the second intrusion on 2026-05-07 and the per-institution deadline reset for today demonstrate that the actor's word is not a forensic primitive.

Sub-agents

  • S1 (Claude Sonnet 4.6, 479 s): returned 3 items + CVE summary table. 1 item kept as Immediate Action callout (PAN-OS UPDATE); 2 items dropped (ScreenConnect out-of-window per yesterday's decision; Android adbd § 2 gate). Telemetry: webfetch=15, websearch=16, bridge=9. URL-liveness cache populated.
  • S2 (Claude Sonnet 4.6, 572 s): returned 3 items. 1 item kept as § 4 UPDATE (Ivanti EPMM CERT-FR ACT-021 + named EU public-sector victims); 2 items already-covered (GLPI 2026-05-10; SEPPmail 2026-05-09 deep dive). Bridge-mandatory hosts NCSC-CH security-hub (12548 + 12551) and ENISA EUVD fetched cleanly via the bridge subcommands. Telemetry: webfetch=14, websearch=18, bridge=8.
  • S3 (Claude Sonnet 4.6, 642 s): returned 5 items. 2 items kept (GTIG AI Threat Tracker as § 5 Deep Dive per PD-9 annual-report rule; TeamPCP Checkmarx Jenkins as § 4 UPDATE). 2 items duplicated with S4 (Canvas/Instructure ransom-paid; Škoda online-shop breach — merged with S4 framing). 1 item duplicated with S1 (Trellix source-code coverage — already covered 2026-05-10). Telemetry: webfetch=18, websearch=18, bridge=4.
  • S4 (Claude Sonnet 4.6, 556 s): returned 4 items. 3 items kept (ICO South Staffordshire fine; West Pharma SEC 8-K; Škoda online shop). 1 item duplicated with S3 (Canvas/Instructure UPDATE — merged). Telemetry: webfetch=22, websearch=21, bridge=3.

Tool / source issues observed

  • hub.ivanti.com, downloads.seppmail.com, ccb.belgium.be are not on the tools/fetch_source.py bridge allow-list — bridge attempts on these hosts return refused: host '...' is not in the allow-list. Direct WebFetch returns 403 on hub.ivanti.com. Coverage is recovered via NCSC-CH security-hub, CERT-FR, and CIRCL vulnerability.circl.lu, but adding these three hosts to the bridge allow-list would remove a recurring single-point coverage risk on Ivanti, SEPPmail, and Belgian-CCB advisories.
  • bleepingcomputer article-level URLs continue to 403 on direct WebFetch; bridge url returns 200 with SPA-empty body. Listing-level URLs work. No change since 2026-05-11.
  • advisories-ncsc-nl CSAF bridge — S2 recorded 404 on several recent advisory IDs (NCSC-2026-0384, 0399, 0400, 0401); NCSC-2026-0135 (Ivanti EPMM) fetched cleanly. The NameError that broke yesterday's bridge call is gone; the new mode is upstream 404 on advisory IDs that are presumably embargoed or never published. Worth tracking.
  • research.nccgroup.com is not on the bridge allow-list (S3 attempted via bridge url; refused).
  • darkreading article-level URLs continue to 403 on direct WebFetch (S3, S4 both hit this).
  • databreaches-net Cloudflare Managed Challenge confirmed again; WebSearch fallback used per allow-list, no in-window items surfaced.

Recency window

  • gap_hours = 24 (prior brief briefs/2026-05-11.md).
  • window_hours = 36; developing_window_hours = 72.

Coverage gaps

Coverage gaps: cisa-kev (bridge OK; no new KEV additions in window 2026-05-11 / 2026-05-12); enisa-euvd (bridge OK; recent lastvulnerabilities returned only low-severity XSS, criticals and exploited only items already covered); ncsc-ch-security-hub (bridge OK; latest posts 12548 + 12551 are 2026-05-08 and already absorbed into S2 returns; no new posts in window); bsi-de (RSS OK; in-window items routine — Linux kernel, libxml2, NGINX, IBM); cert-pl, cert-at, csirt-acn-it (not fetched in this run — rotation candidates for tomorrow); cert-eu (no advisory 2026-007 yet — 2026-006 was the last published); ccn-cert-es (demoted source, not fetched); cnil-fr, edpb, aepd, garante (no in-window enforcement / breach decisions found); ico-uk (sitemap bridge fetched; the South Staffordshire action was the only new enforcement in window); inside-it-ch (Cloudflare-blocked — WebSearch fallback used, no S2 items surfaced); databreaches-net (Cloudflare-blocked — WebSearch fallback, no items); sec-edgar (CB Financial CBFV 8-K Item 1.05 filed 2026-05-11 but filing body not retrievable from EDGAR URL guess — see drops above); hub.ivanti.com, downloads.seppmail.com, ccb.belgium.be, research.nccgroup.com, akamai-sirt — bridge allow-list expansion candidates.

Migrated from briefs/2026-05-12.md (v2).

← Operations dashboard · day page 2026-05-12 · run-record contract: docs/pipeline.md