2026-06-23-165387f6
One pipeline fire, in full · intel run of 2026-06-23 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-06-23/2026-06-23-165387f6.md.
Run telemetry
- Items returned
- 4
- Duration
- 11m 30s
- Tool calls
- 12 WebFetch15 WebSearch12 bridge
- Cited sources
- 4 of 9 in slice
- Items returned
- 5
- Duration
- 12m 54s
- Tool calls
- 14 WebFetch6 WebSearch18 bridge
- Cited sources
- 3 of 10 in slice
- Items returned
- 6
- Duration
- 6m 41s
- Tool calls
- 12 WebFetch11 WebSearch18 bridge
- Cited sources
- 5 of 8 in slice
- Items returned
- 3
- Duration
- 5m 33s
- Tool calls
- 5 WebFetch12 WebSearch8 bridge
- Cited sources
- 3 of 9 in slice
Verification
Deep dive
2026-06-23/sonicwall-cve-2024-40766-why-patched-firewalls-keep-falling
Entries published (this run)
- ShapedPlugin build pipeline compromised — three Pro WordPress plugins backdoored to steal credentials, 2FA secrets and drop a web shell incident high
- Two Scattered Spider members plead guilty over the 2024 Transport for London intrusion threat notable
- CVE-2026-20896 — Gitea (Docker): trust-all reverse-proxy default lets an unauthenticated attacker impersonate any user via X-WEBAUTH-USER vulnerability high
- CVE-2026-12789 — ILIAS 11.0: unpatched, PoC-public SQL injection in the learning-progress subsystem (DACH education exposure) vulnerability notable
- "Squidbleed" — a 29-year-old heap over-read in Squid's FTP gateway leaks other users' cleartext HTTP credentials (CVE-2026-47729) research high
- Elastic shows how the newly-GA Azure AD Graph Activity Logs close a long-standing Entra enumeration blind spot research notable
- FortiBleed — first full tool-chain disclosure (FortigateSniffer, SNIFTRAN, GPU cracking cluster); Fortinet confirms no new CVE vulnerability high update
- Klue/Icarus OAuth-token breach — named victim list expands to nine firms, mostly cybersecurity vendors incident notable update
- SonicWall CVE-2024-40766: why patched firewalls keep falling to Akira and Fog vulnerability high
Sources changed (this run)
Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.
No source-list edits recorded for this run.
Coverage gaps (this run)
Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)
No coverage gaps in this run · every source the brief needed returned usable content via its documented recipe.
Verification findings · all iterations
Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.
Iteration #1 NEEDS_FIXES · 5 findings (truth=2, editorial=1, advisory=3) · Claude Opus 4.8 · 4m 50s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F3 claim-not-supported | research | Squidbleed CVE-2026-47729 fixed-version claim no released Squid version contains the fix yet ... wait for 7.7 | Cited sources contradict: SecurityWeek says fix shipped in 7.6; Debian/THN say commit likely already in 7.6 | Rewrote TL;DR/3/6 to present fixed version as disputed upstream (7.6 vs 7.7); added 7 contradiction line fixed-clean |
| F4 hallucinated-fact | updates | FortiBleed tool-chain UPDATE 07:00-18:00 Moscow Time and Hashtopolis | Moscow-Time working hours and Hashtopolis appear in none of the four cited sources; only 36-GPU count corroborated | Dropped Moscow-Time and Hashtopolis specifics; kept 36-GPU cluster (BleepingComputer); russia-nexus retained on SecurityAffairs/W25 attribution fixed-clean |
| F9 surface-contradiction | active-threats | TfL intrusion cost at a stated cost of GBP39M | NCA primary says GBP29M; Yahoo/BBC say GBP39M; brief silently used GBP39M while citing NCA first | Changed to NCA GBP29M; flagged GBP39M discrepancy in body + 7 contradiction line fixed-clean |
| F8 needs-more-research | deep-dive | SonicWall deep dive omits Gen-6 CVE-2024-12802 Gen 6 MFA-bypass manual LDAP steps | SANS ISC primary treats CVE-2024-12802 as co-equal; advisory | Added one-line Gen-6 note citing SANS ISC; CVE-2024-12802 in cves_seen fixed-clean |
| F11 editorial-advisory | multiple | Minor over-specifications Elastic early May; Squid NVD pending; Project Glasswing; ILIAS enrolled student | Advisory over-specifications | Elastic to early 2026; removed NVD pending; dropped Project Glasswing; ILIAS to authenticated user (PR:High) fixed-clean |
Iteration #2 CLEAN · 2 findings (truth=0, editorial=0, advisory=1) · Claude Sonnet 4.6 · 4m 19s
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F11 editorial-advisory | trending-vulnerabilities | Gitea 1.26.4 release date both released 2026-06-20 | 1.26.4 released 2026-06-21 not 06-20 | Corrected to 1.26.3 (06-20) / 1.26.4 (06-21); updated inline cite dates fixed-clean |
| F10 missed-angle | updates | FortiBleed russia-nexus tag Tags: ... russia-nexus | russia-nexus rests on SOCRadar (additional source) only | Added in-prose SOCRadar attribution ('characterises the operators as Russian-speaking') grounding the tag; tag retained fixed-clean |
Verification & coverage notes
The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.
Verification & coverage notesrun record body
2026-06-23-165387f6 · Claude Opus 4.8 · 9 entries published
- Items dropped:
- CVE-2026-20245 — Cisco Catalyst SD-WAN Manager CLI command-injection-to-root ("sixth SD-WAN zero-day of 2026"). Verified live (Cisco PSIRT advisory
cisco-sa-sdwan-privesc-4uxFrdzx, dated 2026-06-05; SecurityWeek 2026-06-09; CISA KEV dateAdded 2026-06-09) but dropped on recency: the primary source is ~14 days old, with no fresh in-window exploitation or attribution delta. The only in-window anchor was the CISA-KEV remediation deadline of 2026-06-23 — a US FCEB compliance date with no jurisdictional weight for a CH/EU SOC and, per PD-13, never sufficient on its own to justify coverage. - DifyTap — CVE-2026-41947 / -41948 / -41949 (cross-tenant authorization flaws in the Dify AI platform, CVSS up to 9.4). Did not clear the § 2 inclusion gate (exploitation requires an authenticated editor; no in-the-wild exploitation reported), and the only reachable sourcing was an aggregator (The Hacker News) plus NVD — the Zafran Security primary write-up was not separately resolvable. Held for future coverage if a primary source or exploitation emerges.
- Microsoft 365 Copilot — CVE-2026-54130 (CVSS 9.8) / CVE-2026-47645 (8.8), BSI WID-SEC-2026-2020. Microsoft mitigated both server-side with no customer action required, so neither meets the daily relevance bar (nothing to patch/hunt/block/detect). Noted only as a SaaS-attack-surface signal — EU public-sector M365 tenants should keep Copilot in their SaaS bulletin-monitoring scope.
- AryStinger botnet (legacy D-Link / QNAP reconnaissance-and-proxy mesh). Re-surfaced by a sub-agent but already covered as the 2026-06-22 deep dive; excluded per PD-8 (no material in-window delta).
- CVE-2026-20245 — Cisco Catalyst SD-WAN Manager CLI command-injection-to-root ("sixth SD-WAN zero-day of 2026"). Verified live (Cisco PSIRT advisory
- Single-source items: Elastic Azure AD Graph Activity Logs detection guide (§ 3) — Elastic is a vendor lab, so the national-CERT carve-out does not apply; the underlying GA log source and the described detections are independently verifiable against Microsoft documentation.
- Reduced-confidence / disambiguation: ShapedPlugin sources reference both CVE-2026-10735 (CVSS 9.8) and a duplicate submission CVE-2026-49777 (CVSS 10.0); this brief uses CVE-2026-10735 as the canonical identifier. ILIAS CVE-2026-12789 (§ 2) sits below the standard § 2 CVSS/exploitation gate (CVSS v4 2.0, authenticated) and is retained on CH/EU-public-sector-education relevance grounds: BSI-flagged, no patch available, public PoC, and DACH-ubiquitous deployment.
- Contradictions: TfL incident cost (§ 1) — the NCA primary press release states £29M in loss and recovery costs, while ITV and the BBC report £39M; the brief uses the NCA figure and flags the discrepancy. Squidbleed fixed version (§ 3) — sources disagree: the Squid maintainer first cited 7.6 then 7.7, Debian assesses the commit is already in 7.6 (released 8 June), and SecurityWeek reports the fix shipped in 7.6; the brief treats the fixed version as disputed and advises verifying against the actual build rather than a release number.
- Stalled sub-agents: none — all four research sub-agents returned within the wall-clock budget.
- Coverage gaps: databreaches-net (HTTP 403 on per-article drill — RSS feed reachable, article bodies blocked; rotation-priority); inside-it-ch (Cloudflare-gated; 2026-06-22 content was administrative IT-governance only, no in-window security items; rotation-priority); xlab-qianxin (blog 403 to bridge — AryStinger material reached via BleepingComputer); anssi-fr, ncsc-nl, cert-eu, cert-fr-actu (freshest advisories dated just outside the 36 h window); cnil-fr, ico-uk, sec-disclosures-edgar (no in-window enforcement actions or 8-K Item 1.05 filings).
Unmatched action items (migrated)
- Audit WordPress estates for ShapedPlugin Pro plugins (Product Slider Pro, Real Testimonials Pro, Smart Post Show Pro). If any was on a Pro update between ~21 May and mid-June, treat the site as fully compromised: update to fixed versions and rotate admin passwords, 2FA, DB credentials and
wp-config.phpsalts; hunt forLicenseLoader.phpand hiddenwoocommerce-subscription/woocommerce-notificationplugins. See § 1. - Hunt FortiGate appliances for abuse of
diagnose sniffer packetand stray PCAP files, and force a domain-wide credential rotation for any device in the FortiBleed corpus — harvested AD credentials are the downstream prize. See § 4. - Disable FTP proxying on Squid (drop FTP from
Safe_ports/http_access deny ftp) as an interim mitigation for Squidbleed. The fixed version is disputed upstream (7.6 vs 7.7), so confirm the fix is present in your actual build rather than trusting a version number. See § 3. - Enable
AADGraphActivityLogsin Entra diagnostic settings and route them to your SIEM, then deploy ROADrecon/AADInternals enumeration detections (user-agent,client_idvs known apps, 4xx bursts). Low-cost closure of a long-standing identity blind spot. See § 3. - For ILIAS LMS operators (no patch available): apply WAF rules on the learning-progress endpoints, restrict them to enrolled roles, and verify the ILIAS DB account lacks
FILE/DROP/superuser rights. Monitor BSI/GitHub for a fix. See § 2.
Migrated from briefs/2026-06-23.md (v2).
← Operations dashboard · day page 2026-06-23 · run-record contract: docs/pipeline.md