2026-06-04-51b23ffa
One pipeline fire, in full · intel run of 2026-06-04 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-06-04/2026-06-04-51b23ffa.md.
Run telemetry
- Items returned
- 4
- Duration
- 3m 21s
- Tool calls
- 8 WebFetch6 WebSearch8 bridge
- Cited sources
- 3 of 27 in slice
- Items returned
- 6
- Duration
- 6m 28s
- Tool calls
- 8 WebFetch16 WebSearch12 bridge
- Cited sources
- 4 of 43 in slice
- Items returned
- 7
- Duration
- 5m 08s
- Tool calls
- 18 WebFetch8 WebSearch12 bridge
- Cited sources
- 4 of 68 in slice
- Items returned
- 5
- Duration
- 5m 47s
- Tool calls
- 14 WebFetch7 WebSearch8 bridge
- Cited sources
- 4 of 26 in slice
Verification
1 entry dropped by verification this run (recorded in the verification & coverage notes).
Deep dive
2026-06-04/http-2-bomb-cve-2026-49975-a-single-connection-memory-exhaus
Entries published (this run)
- NCSC Switzerland: Booking.com breach feeds two-pronged WhatsApp hotel-booking phishing against Swiss travellers incident high
- Shared booking-software breach exposes guests at 100+ Dutch, Belgian and Irish hotels; phishing wave already underway incident high
- UN World Food Programme breach exposes IDs and locations of ~600,000 Gaza households incident notable
- OFAC sanctions Nobitex and three Iranian exchanges as conduits for IRGC-affiliated ransomware proceeds threat notable
- DesckVB RAT malspam launders through Google DoubleClick and blinds AMSI/ETW, with German-language lures aimed at DACH threat notable
- CVE-2026-45247 — Mirasvit Full Page Cache Warmer (Magento 2 / Adobe Commerce): unauthenticated PHP object-injection RCE, now in CISA KEV vulnerability high
- CVE-2026-8206 + CVE-2026-8181 — Kirki and Burst Statistics WordPress plugins: unauthenticated account takeover under active mass-exploitation vulnerability high
- CVE-2026-20230 — Cisco Unified Communications Manager: unauthenticated SSRF to OS-root file write vulnerability high
- CVE-2026-10611 — MISP: OTP bypass when LDAP mixed-auth and OTP enforcement are both enabled vulnerability notable
- Huntress: Windows search: URI handler leaks NTLMv2 hashes — Microsoft declines to patch research notable
- Enclave: a single debug flag left on in six Microsoft 365 Android apps allowed silent OAuth-token theft research notable
- One-click GitHub OAuth-token theft via github.dev, full-disclosed with PoC; Microsoft patched 3 June research notable
- Symantec: five-month, low-and-slow mailbox-espionage campaign against a global stock exchange research notable
- HTTP/2 Bomb (CVE-2026-49975): a single-connection memory-exhaustion DoS against every major web server vulnerability high
Sources changed (this run)
Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.
No source-list edits recorded for this run.
Coverage gaps (this run)
Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)
| Source (uncovered) | URL tried | Method chain | Status / class | What the agent did instead |
|---|---|---|---|---|
| databreaches-net | https://databreaches.net/2026/06/02/data-of-600000-gaza-households-exposed-in-wo | bridge:url → bridge:wayback | 403 transport-403 fetch_source: upstream HTTP 403; bridge + Wayback both failed | WFP/Dutch-hotel stories covered via UpGuard / DutchNews / Techzine |
| inside-it-ch | https://www.inside-it.ch/ | webfetch → bridge:url → bridge:wayback | 403 transport-403 persistent 403 (4th consecutive run); bridge returned HTML shell without article content | CH/EU coverage via heise-sec and NCSC.ch |
| sophos-xops | https://news.sophos.com/en-us/category/threat-research/ | webfetch → rss | 503 transport-5xx feed URLs returned empty/503 (4th consecutive run); no in-window alternate | none — no new in-window Sophos items |
Bridge invocations (this run)
4 bridge calls this run · these are successful bridge fetches (separate from "Coverage gaps" above).
- bridge:url ×2
- bridge:cisa-kev ×1
- bridge:bsi-rss ×1
Verification findings · all iterations
Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.
Iteration #1 NEEDS_FIXES · 5 findings (truth=3, editorial=1, advisory=1) · Claude Opus 4.8 · 4m 38s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F3a claim-not-supported | trending-vulnerabilities | CVE-2026-7312 Progress Sitefinity CWE-284 OData access-control bypass | NVD shows CWE-522 credential disclosure gated on Insight integration/non-default config | Sitefinity item dropped from §2 to §7 (no fetchable vendor primary) dropped-item |
| F3b claim-not-supported | research | Windows search: URI NTLM leak 'Important'-only severity misses bar | Huntress rates it Moderate; Important would meet the bar | reworded to 'Moderate severity — below Important/Critical threshold' fixed-clean |
| F4 hallucinated-fact | active-threats | WFP Gaza breach notified via Telegram on 31 May; no other regional operation affected | not in sole UpGuard source | removed both specifics fixed-clean |
| F6 strengthen-primary-source | trending-vulnerabilities | CVE-2026-7312 Sitefinity BSI sole primary (shell-only) | Progress vendor advisory exists | item dropped (Progress + BSI both render client-side) dropped-item |
| F11 editorial-advisory | trending-vulnerabilities | CVE-2026-8181 Burst Statistics 'all versions below 3.4.2'; is_mainwp_authenticated() | version overstated; function not in cited source | version→3.4.0 through 3.4.1.1; function name generalised fixed-clean |
Iteration #2 NEEDS_FIXES · 3 findings (truth=1, editorial=1, advisory=1) · Claude Sonnet 4.6 · 3m 43s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F3 claim-not-supported | trending-vulnerabilities | CVE-2026-20230 Cisco CUCM No confirmed exploitation at disclosure | Cisco PSIRT states PoC exploit code is publicly available; Status lacks poc-public | added PoC-public sentence + Status/Tags poc-public + table note fixed-clean |
| F8 editorial | trending-vulnerabilities | CVE-2026-20230 Cisco CUCM missing poc-public in footer | same root cause as F3 | poc-public added to Status and Tags fixed-clean |
| F11 editorial-advisory | trending-vulnerabilities | CVE-2026-8181 Burst Statistics '3.4.0 and 3.4.1' omits 3.4.1.1 | all three cited sources confirm 3.4.1.1 vulnerable | tightened to 'versions 3.4.0 through 3.4.1.1' fixed-clean |
Iteration #3 NEEDS_FIXES · 7 findings (truth=3, editorial=1, advisory=3) · Claude Opus 4.8 · 4m 41s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F4 hallucinated-fact | trending-vulnerabilities | CVE-2026-45247 Magento Mirasvit Sansec observed ITW from 24 April | 24 Apr = discovery+rule, not exploitation; Imperva dates exploitation to ~disclosure | reframed TL;DR/body/table to KEV+Imperva-confirmed; removed 24-April-ITW claim fixed-clean |
| F4b hallucinated-fact | trending-vulnerabilities | WordPress Kirki/Burst mass-exploited against European sites | no source supports European targeting; heise says global | removed 'against European sites'; Region→global fixed-clean |
| F3 claim-not-supported | research | github.dev OAuth-token theft unvalidated postMessage-origin listener | sources describe synthetic-keyboard-event→workspace-extension install; not origin bypass | rewrote mechanism to keydown-injection→malicious workspace extension fixed-clean |
| F5 missing-citation | active-threats | NCSC hotel phishing Swiss federal employees and SMEs booking corporate travel | not in NCSC source | reframed as analyst inference; bounded NCSC's own claim fixed-clean |
| F11a editorial-advisory | research | github.dev patch status no fix existed at publication / no-patch | Microsoft shipped fix 3 June (before 4 June brief) | noted 3 June fix; Tags no-patch→patch-available; heading updated fixed-clean |
| F11b editorial-advisory | trending-vulnerabilities | MISP version provenance >=2.5.37 not traceable | GHSA lists only the commit; BSI shell | dropped >=2.5.37; 'commit 39b3cb15 per the GitHub advisory' fixed-clean |
| F11c editorial-advisory | trending-vulnerabilities | MISP Evidence quote beforeFilter paraphrase | footer Evidence not verbatim GHSA | removed MISP Evidence field fixed-clean |
Iteration #4 NEEDS_FIXES · 2 findings (truth=1, editorial=0, advisory=1) · Claude Sonnet 4.6 · 4m 53s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F4 hallucinated-fact | active-threats | WFP Gaza breach WFP took the platform offline on detection | not in UpGuard source | removed the offline-on-detection sentence fixed-clean |
| F11 editorial-advisory | deep-dive | HTTP/2 Bomb Envoy patch status Envoy ... no patch available | Calif 3 June update: Envoy patched (GHSA-22m2-hvr2-xqc8); brief publishes 4 June | §5 + §6 updated to note Envoy 3 June fix; IIS/Pingora remain unpatched fixed-clean |
Verification & coverage notes
The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.
Verification & coverage notesrun record body
2026-06-04-51b23ffa · Claude Opus 4.8 · 14 entries published
- Items dropped:
- IMA Diligence Services / Genesis ransomware (525,306 affected) — US-only firm, no confirmed CH/EU nexus, breach dated Dec 2025 surfacing now; defender value limited to a generic legacy-third-party-server audit lesson. Cut per less-is-more.
- SafeBreach "Fake Context Alignment" Gemini Android prompt injection — genuinely fresh research (public 2026-06-03) but Google patched the classifier in Nov 2025, so the operational exposure is residual-only; cut for low time-criticality.
- Devolutions Server DEVO-2026-0013/0014 (CVE-2026-9047 MFA bypass; CVE-2026-7325 LDAP coercion) — BSI WID-SEC-2026-1781, but no confirmed exploitation and CVSS <9, so it does not clear a § 2 inclusion gate. PAM operators should still patch to 2026.1.19.0+ / 2025.3.22.0+.
- Progress Sitefinity CMS cluster (CVE-2026-7312 CVSS 10.0, CVE-2026-7198, CVE-2026-7201, CVE-2026-7313, CVE-2026-7195; BSI WID-SEC-2026-1783) — dropped on verification. The only reachable sources (BSI portal, Progress community advisory) render client-side and returned shells, so the technical description could not be independently confirmed; an NVD cross-check indicated CVE-2026-7312 is CWE-522 Insufficiently Protected Credentials (Sitefinity Insight credential disclosure, gated on an active Insight integration / non-default configuration) rather than the OData access-control bypass first drafted. No in-the-wild exploitation; patched in 15.4.8630 / 15.3.8531 / 15.2.8441 / 15.1.8335. DACH/EU public-sector Sitefinity operators should still apply the fixed builds; will be revisited if a fetchable vendor primary lands.
- Operation Dragon Weave (Seqrite) — duplicate; deep-dived 2026-06-02 with no material in-window delta (same Seqrite source).
- EU Cyber Resilience Act 11 June milestone — already covered in weekly 2026-W22 (weekly-policy); no new delta.
- Europol IOCTA 2026 — out of window (published 2026-04-29); annual baseline retained for background only.
- Single-source / reduced-confidence items: WFP Gaza breach — only UpGuard was reachable (The New Humanitarian primary returned 403; WFP spokesperson quotes corroborated via search). DesckVB RAT — Huntress is the sole fetched primary (research-lab IR finding). National-authority single primaries accepted under the PD-5 carve-out as the disclosing party: NCSC Switzerland (hotel phishing), US Treasury/OFAC (Nobitex). Vendor/CERT single primaries where the vendor advisory was the only reachable authoritative source: Cisco PSIRT (CVE-2026-20230); BSI CERT-Bund WID-SEC-2026-1783 for Sitefinity (Progress vendor advisory not reachable in-run).
- Reduced confidence — aggregator/news-only sourcing: the Dutch-hotel breach (DutchNews.nl, Techzine) and the M365 Android OAuth-theft item (SecurityWeek exclusive, The Hacker News) rest on journalism rather than a reachable vendor/research primary — Hospecs has not named the upstream SaaS vendor, and Enclave's own write-up / MSRC pages were not fetched in-run. Treat the specifics as journalism-grade until a vendor primary lands.
- Recency: standard daily, gap 24 h, window 36 h. Several items carry a 2026-06-02 primary (NCSC-CH Week 22, MISP/CIRCL, Kirki) with in-window (2026-06-03) corroboration — retained as freshest available coverage.
- Contradictions: none surfaced.
- CVSS note: CVE-2026-8181 (Burst Statistics) and several non-exploited cluster CVEs lacked an assigned EPSS at fetch time (shown
n/a). - Coverage gaps: databreaches-net (403, 4th consecutive failing run — WFP/Dutch-hotel stories covered via UpGuard/DutchNews/Techzine); inside-it-ch (403, 4th run — covered via heise/NCSC); sophos-xops (503, 4th run — no in-window alternate); cert-eu, anssi-fr (no in-window advisories); mandiant-gtig, volexity (RSS feeds stale, no in-window posts); edpb, cnil-fr, ico-uk, sec-edgar (no qualifying new enforcement/filing in window).
- Sub-agents: all four (S1–S4, Claude Sonnet 4.6) returned within the window; no stalls.
Unmatched action items (migrated)
- Mitigate HTTP/2 Bomb on every internet-facing HTTP/2 endpoint. Upgrade nginx to ≥1.29.8, Apache to
mod_http2v2.0.41, and Envoy per its 3 June fix (GHSA-22m2-hvr2-xqc8); for Microsoft IIS and Cloudflare Pingora (still no patch) disable HTTP/2 at the edge where feasible and set per-worker memory limits so a bombed worker is OOM-killed before the host. NoteLimitRequestFieldsis ineffective for Apache here. (§ 5) - Remediate the public-sector-infrastructure advisories. MISP → commit
39b3cb15(or temporarily drop theLdapAuth.mixedAuth+require_otpcombo); Cisco Unified CM → 14SU6 / Release 15 COP or disable WebDialer. (§ 2) - Block outbound SMB (TCP 445/139) at host and perimeter for endpoints with no external-share need — this neutralises the unpatched Windows
search:URI NTLMv2 leak and the wider URI-handler forced-auth class. (§ 3) - Enforce minimum-version compliance for Microsoft 365 Android apps (Word/PowerPoint/Excel/Copilot/Loop/OneNote) via Intune on BYOD fleets to close the OAuth-token-theft path. (§ 3)
- Brief Swiss staff and travel bookers on the hotel-booking-channel account-takeover phishing (legitimate-channel lures, TWINT/bank look-alikes), and add Nobitex/OFAC-designated wallet clusters to sanctions screening for any Iran-nexus extortion forensics. (§ 1)
Migrated from briefs/2026-06-04.md (v2).
← Operations dashboard · day page 2026-06-04 · run-record contract: docs/pipeline.md