ctipilot.ch

2026-06-15-d964affc

One pipeline fire, in full · intel run of 2026-06-15 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-06-15/2026-06-15-d964affc.md.

Run telemetry

2026-06-15-d964affc intel prompt v2.60
23m 58s duration 2 published 1 updates
Claude Opus 4.8 (claude-opus-4-8) main agent
S1 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
6
Duration
7m 38s
Tool calls
12 WebFetch12 WebSearch10 bridge
Cited sources
1 of 28 in slice
S2 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
4
Duration
12m 24s
Tool calls
14 WebFetch8 WebSearch18 bridge
Cited sources
0 of 36 in slice
S3 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
0
Duration
12m 00s
Tool calls
12 WebFetch8 WebSearch8 bridge
Cited sources
0 of 44 in slice
S4 Claude Sonnet 4.6 (claude-sonnet-4-6)
Items returned
3
Duration
9m 52s
Tool calls
14 WebFetch18 WebSearch12 bridge
Cited sources
4 of 12 in slice

Verification

#1 NEEDS_FIXES · Anthropic Claude Opus 4.8 · t=4 e=1 a=1 #2 NEEDS_FIXES · Claude Sonnet 4.6 · t=1 e=0 a=0 #3 CLEAN · Anthropic Claude Opus 4.8 (1M context) · t=0 e=0 a=2

1 entry dropped by verification this run (recorded in the verification & coverage notes).

Deep dive

Sources changed (this run)

Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.

No source-list edits recorded for this run.

Coverage gaps (this run)

Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)

Source (uncovered)URL triedMethod chainStatus / classWhat the agent did instead
inside-it-chhttps://www.inside-it.ch/securitybridge:urlbridge:wayback403 transport-403
fetch_source: upstream HTTP 403; Wayback returned 0 snapshots in 180d
none — no alternate outlet for identical CH stories
cert-athttps://cert.at/feeds/news.rssbridge:feed0
JSONDecodeError: empty/non-JSON feed body
none — no alternate AT source
sophos-xopshttps://news.sophos.com/en-us/feed/bridge:feed404 transport-404
HTTP 404; featured-blog feed only items Jun 4-11 (out of window)
none
risky-bizhttps://risky.biz/feed/risky-biz-news/bridge:feed404 transport-404
HTTP 404 on both feed URLs
none

Bridge invocations (this run)

4 bridge calls this run · these are successful bridge fetches (separate from "Coverage gaps" above).

2 ok1 empty feed1 item not found
  • bridge:url ×2
  • bridge:cisa-kev ×1
  • bridge:ncsc-csh.recent ×1

Verification findings · all iterations

Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.

Iteration #1 NEEDS_FIXES · 6 findings (truth=4, editorial=1, advisory=1) · Claude Opus 4.8 · 2m 31s

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F3
claim-not-supported
active-threatsHandala / California Water Service — RTKBase NTRIP compromise
Cal Water's own preliminary scan found no compromise
No cited source supports a Cal-Water-conducted scanRemoved 'Cal Water's own' clause; no-OT assessment attributed to Dataminr only fixed-clean
F4
hallucinated-fact
active-threatsHandala / California Water Service
Void Manticore / IRISL-linked cluster
No source links Handala to IRISL; attribution is MOIS via Void Manticore/Storm-0842/G1055Replaced with Void Manticore / Storm-0842, MOIS-attributed, MITRE G1055 fixed-clean
F4
hallucinated-fact
updatesFBI Operation Ghost Hook — Outsider PhaaS
for $88/week or $200/month
CyberScoop states only $88/week; no monthly tierDropped '$200/month'; now '$88 per week' fixed-clean
F9
surface-contradiction
trending-vulnerabilitiesCVE-2026-47928 ColdFusion
unauthenticated internet-exposed RCE
Advisory vector is AV:A (Adjacent), not AV:N; 'internet-exposed' overstates reachabilityDropped ColdFusion from §2 to §7 (clears no gate once AV:A established); corrected framing to adjacent-network throughout dropped-item
F5
missing-citation
trending-vulnerabilitiesCVE-2026-47928 ColdFusion
allowedAdminHosts
allowedAdminHosts not in APSB26-64 (sole source)De-attributed; §6 now says 'restrict admin-console exposure' generically fixed-clean
F10
missed-angle
verification-notesShinyHunters / Council of Europe
monitor for victim confirmation
Advisory — re-check next runAlready in §7 as claim-to-watch deferred

Iteration #2 NEEDS_FIXES · 1 finding (truth=1, editorial=0, advisory=0) · Claude Sonnet 4.6 · 3m 05s

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F3
claim-not-supported
updatesFBI Operation Ghost Hook — Outsider PhaaS
across 55 countries including EU member states
Sources say 'United States', not 'EU member states'Changed to 'including the United States' per CyberScoop fixed-clean

Verification & coverage notes

The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.

Verification & coverage notesrun record body

2026-06-15-d964affc · Claude Opus 4.8 · 2 entries published

  • Quiet window. The 36 h recency window (gap to prior brief 24 h) genuinely produced little new in-window primary publication; most sub-agent candidates were June 9–11 advisories already absorbed by the 2026-06-10 → 2026-06-14 dailies. § 1 and § 4 carry the only solidly in-window developments; §§ 2–3 reflect that brevity rather than missed coverage. Per the less-is-more rule, the brief was not padded.
  • Items dropped — already covered, no material in-window delta:
    • Splunk Enterprise CVE-2026-20253 ("watchTowr full RCE chain") — a sub-agent surfaced this as a new development, but the 2026-06-14 brief already covered the complete pre-auth RCE chain (PostgreSQL sidecar /v1/postgres/recovery/backup + /restore, empty Basic-auth → code execution) in both § 2 and its deep dive, citing the same watchTowr Labs (2026-06-12) write-up. No delta; the "file-write only" framing of the prior coverage was inaccurate.
    • Cisco Catalyst SD-WAN Manager CVE-2026-20245 — covered 2026-06-06 (§ 2 + deep-dive context) and re-checked 2026-06-08. The only change this window is the CISA KEV listing (2026-06-09); per PD-13 a KEV listing/deadline on an already-covered, already-confirmed-exploited item is not a fresh threat delta. Re-checked, no promotion.
    • Microsoft Exchange OWA stored XSS CVE-2026-42897 — deep-dived 2026-05-16; the permanent patch (2026-06-09) and CERT-FR alert (2026-06-11) are both out of the 36 h window, and the June patch cycle was covered 2026-06-12. No in-window delta.
  • CVEs assessed and not promoted to § 2 (did not clear an inclusion gate, or out-of-window):
    • Adobe ColdFusion CVE-2026-47928 (CVSS 9.6) + CVE-2026-47932 (CVSS 8.8, path-traversal) — unauthenticated, no-interaction RCE with host-level scope change (APSB26-64, 2026-06-09; fixed 2023 Update 20 / 2025 Update 9). On inspection the CVSS vector is AV:A/AC:L/PR:N/UI:N/S:C/...adjacent-network, not internet-routable — so the earlier "internet-exposed RCE" framing overstated reachability; the realistic threat model requires an attacker already on the same segment. No KEV listing, no ENISA-EUVD-exploited status, no in-the-wild exploitation and no public PoC, and the primary advisory is out of the 36 h window. It therefore clears no § 2 inclusion gate. Still worth patching (see § 6) given ColdFusion's exploitation history and the 9.6 score on flat networks; single-source (Adobe PSIRT — the vendor is the primary disclosing party for its own product).
    • OpenSSL CVE-2026-45447 (PKCS7_verify heap UAF, "potential RCE") / CVE-2026-34182 — primary advisory 2026-06-09, out of window; no in-the-wild exploitation, no public PoC; already noted as an out-of-window drop on 2026-06-13. CMS API users unaffected. Patch and migrate EOL 1.1.1/1.0.2 deployments, but it does not meet the § 2 bar.
    • GitLab EE CVE-2026-6552 (Group SAML account takeover, CVSS 8.7) + CVE-2026-10087 / CVE-2026-7250 / CVE-2026-9204 — patch released 2026-06-10 (out of window); post-auth (Group Owner required), no ITW, no public PoC, CVSS below the 9.0 EUVD threshold. Already assessed and dropped on 2026-06-13. Worth scheduling 19.0.2 / 18.11.5 / 18.10.8; does not clear a § 2 gate.
    • Traefik CVE-2026-47124 (security-policy bypass, GHSA-3g6v-2r68-prfc) — patch 2026-06-11 (out of window); no exploitation, no PoC, not a CVSS-9-class RCE; only affects multi-router-equal-priority configurations. Relevant to EU/CH Kubernetes ingress estates — upgrade to v3.6.20 / v3.7.4 — but below the § 2 bar.
  • Recency caveat on the one included out-of-window item: the Cal Water / Handala incident (primary sources 2026-06-12, within the 72 h developing window but outside the strict 36 h window) was promoted on transferable-defender-value grounds — a novel and replicable internet-exposed GNSS/NTRIP attack vector directly applicable to CH/EU water and utility operators — with its publication dates shown inline.
  • Unconfirmed claim — held from the body, surfaced to watch: ShinyHunters (UNC6240) listed the Council of Europe (coe.int) on its extortion site on 14 June, claiming ~297 GB of HR/payroll data (~10,000 staff) with a 16 June deadline. Sourced only to two ransomware-monitor blogs (DeXpose, hendryadrian.com); no victim statement and no high-reliability journalism (BleepingComputer, The Record, SecurityWeek) as of 2026-06-15 ~04:40 UTC. Under the fake-news guard (PD-6) leak-site claims require victim disclosure or HIGH-reliability journalism — not met. High potential CH/EU public-sector relevance if confirmed; recommend monitoring for victim confirmation.
  • Single-source items in the body: none. (ColdFusion CVE-2026-47928, the only single-source candidate, was not promoted to § 2 — see the assessed-not-promoted list above.)
  • Contradictions: none unresolved.
  • Sub-agents: all four (S1–S4) returned within the cap; S3 returned zero in-window items (genuinely empty research window, confirmed against the 88-record prior-coverage set).
  • Coverage gaps: inside-it-ch (HTTP 403, no Wayback snapshots in 180 days — 4-run failing streak); cert-at (RSS feed returned empty/non-JSON body); ncsc-ch-focus (week 24/25 weekly reports not yet published, 404); sophos-xops (feed 404; featured-blog feed only items June 4–11, out of window); risky-biz (feed 404); databreaches-net (403, 7-run failing streak — bridge deferred, WebSearch fallback found no unique in-window items); sec-disclosures-edgar (EDGAR Item 1.05 query returned zero in-window 8-K cyber filings — content-empty, not a fetch failure); ico-uk, cnil-fr, edpb, troyhunt, mandiant-gtig, sans-isc — fetched/checked, no new in-window content.

Unmatched action items (migrated)

  • Audit your external attack surface for internet-exposed RTKBase / NTRIP / GNSS and industrial-IoT platforms. The Cal Water compromise (§ 1) started at a public-facing GNSS-correction server on stale credentials and pivoted to the IT data plane. Place any such service behind MFA-enforced VPN/ZTNA, rotate NTRIP mountpoint passwords, and validate segmentation between the GNSS/IoT layer and billing/IT subnets. Hunt for NTRIP caster authentication from non-field-crew source addresses.
  • Schedule the Adobe ColdFusion update (CVE-2026-47928), prioritising flat/shared network segments. Apply ColdFusion 2023 Update 20 / 2025 Update 9 (see § 7) — an unauthenticated, no-interaction CVSS 9.6 RCE with host-level scope change. Note the CVSS vector is AV:A (adjacent network, not internet-routable), so the realistic threat is an attacker who already holds a foothold on the same segment; this lowers urgency relative to a network-reachable RCE but still warrants prompt patching given ColdFusion's exploitation history. Restrict ColdFusion admin-console exposure as a defence-in-depth measure.
  • Sustain phishing-page hunting despite the Outsider takedown (§ 4). The FBI seizure cuts Outsider's active infrastructure but not the AI-assisted kit technique; continue to hunt AI-generated package/toll/parking credential-harvest pages and brand-impersonation lures targeting staff.

Migrated from briefs/2026-06-15.md (v2).

← Operations dashboard · day page 2026-06-15 · run-record contract: docs/pipeline.md