ctipilot.ch

2026-07-13T2009Z-intel

One pipeline fire, in full · intel run of 2026-07-13 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-07-13/2026-07-13T2009Z-intel.md.

Run telemetry

2026-07-13T2009Z-intel intel prompt v3.24 publish ok
2h 27m duration 4 published 1 updates
Claude Opus 4.8 (claude-opus-4-8) main agent
S1 Claude Sonnet 5 (claude-sonnet-5)
Items returned
3
Duration
7m 57s
Tool calls
not reported
Cited sources
6 of 14 in slice
S2 Claude Sonnet 5 (claude-sonnet-5)
Items returned
2
Duration
12m 33s
Tool calls
not reported
Cited sources
2 of 16 in slice
S3 Claude Sonnet 5 (claude-sonnet-5)
Items returned
0
Duration
6m 37s
Tool calls
not reported
Cited sources
none
S4 Claude Sonnet 5 (claude-sonnet-5)
Items returned
2
Duration
9m 58s
Tool calls
not reported
Cited sources
none

Verification

unconfirmed CLEAN · waived: single CLEAN at iteration cap (5): iteration 5 (Opus) returned CLEAN following i #1 NEEDS_FIXES · Claude Opus 4.8 · t=2 e=0 a=0 #2 NEEDS_FIXES · Sonnet 5 · t=2 e=1 a=0 #3 CLEAN · Claude Opus 4.8 · t=0 e=0 a=1 #4 NEEDS_FIXES · Sonnet 5 · t=2 e=2 a=1 #5 CLEAN · Claude Opus 4.8 · t=0 e=0 a=0

Deep dive

Sources changed (this run)

Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.

No source-list edits recorded for this run.

Coverage gaps (this run)

Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)

Source (uncovered)URL triedMethod chainStatus / classWhat the agent did instead
inside-it-chhttps://www.inside-it.ch/kommando-cyber-verabschiedet-sich-von-microsoft-2026071bridge:urlbridge:jinawebfetch403 transport-403
direct HTTP 403 and jina reader relayed an upstream block/challenge for this specific article URL (S2)
S2 pivoted to Republik + heise for the underlying story; item ultimately not published (see notes)

Verification findings · all iterations

Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.

Iteration #1 NEEDS_FIXES · 2 findings (truth=2, editorial=0, advisory=0) · Claude Opus 4.8 · —

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F3
claim-not-supported
COMCYBER citation attached a Berserk-Bear/Polish-grid same-unit framing the COMCYBER page never makes (it covers only the Turla mode + APT28 background).Re-attributed: COMCYBER now cited only for the Turla mode (FSB 16th Centre intelligence MOA since ≥2004); the parent-unit framing (16th Centre spanning Turla +
F4
hallucinated-fact
'consumer IP cameras and smart doorbells, not only professional CCTV' is not in the cited NL Times/ANP articles (which say IP cameras, including cameras used by businesses).Removed the doorbell/consumer-vs-CCTV embellishment from the entry summary, body and registry campaign summary; replaced with source-supported 'internet-connect

Iteration #2 NEEDS_FIXES · 3 findings (truth=2, editorial=1, advisory=0) · Claude Sonnet 5 · —

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F4
hallucinated-fact
'including hijacked Iranian servers' was attached to the ANSSI citation but appears in neither the ANSSI newsroom page nor the full CERT-FR CERTFR-2026-CTI-005 PDF for this disclosure (only an unrelatRemoved the 'including hijacked Iranian servers' clause; the sentence now reads 'rented or previously-compromised infrastructure for camouflage', which the ANSS
F4
hallucinated-fact
CVE-2026-61500 carried status/tag `poc-public`, but no public PoC is mentioned by VulnCheck, the GitHub release or NVD, and the body claims none.Removed `poc-public` from both the entry tags and the CVE-2026-61500 status[] (now [patch-available]).
F5
missing-citation
The 'HFS 2.x documented history of rapid weaponisation by ransomware/cryptomining botnets' inclusion justification carried no citation (fetched-source support unavailable this run; the KEV-listed predRemoved the uncited historical-weaponisation claim from the entry body and summary; inclusion now rests on the current bug's own cited profile (pre-auth unauthe

Iteration #4 NEEDS_FIXES · 4 findings (truth=2, editorial=2, advisory=1) · Claude Sonnet 5 · —

F-codeSectionItem · URL/quoteVerifier summaryRemediation · outcome
F9
surface-contradiction
Intermediary-victim range '2021 and 2025' was cited to CERT-FR, but the CERT-FR CERTFR-2026-CTI-005 PDF (p.4) says 'Between 2019 and 2025'; '2021' matches ANSSI's newsroom page instead.Changed the entry body to 'between 2019 and 2025' (the CERT-FR primary); documented the ANSSI-vs-CERT-FR discrepancy in the sourcing_note.
F9
surface-contradiction
heise (cited corroborating) attributes 'hijacked Iranian servers' to the French report, but the CERT-FR PDF (p.3) never mentions Iran; the contradiction was not surfaced.The Iran claim was already removed from the entry body in iteration 2; added a sourcing_note line stating heise's Iranian-servers paraphrase is not in the CERT-
F5
missing-citation
Uncited historical claim 'an earlier AI Platform sandbox-escape RCE ServiceNow patched in January 2026' (independently CVE-2026-0542, but no fetched source this run).Removed the parenthetical; the ServiceNow entry now makes no uncited historical comparison.
F12
single-source-flag-missing
Run-record notes described this entry twice as the 'single-source-national-cert' carve-out, contradicting the entry's own correct 'verification: single-source' (AIVD/MIVD are not on the org's nationalCorrected both run-record mentions to 'single-source' and stated the national-CERT carve-out value is deliberately not claimed (wire-relayed, not fetched from t

Verification & coverage notes

The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.

Verification & coverage notesrun record body

2026-07-13T2009Z-intel · Claude Opus 4.8 · window 24 h · 4 entries published

Run 2026-07-13T2009Z-intel

Intraday fire. Previous run 2026-07-13T1212Z-intel (started 12:12:27Z, publish ok); gap ≈ 8 h → window_hours 24 (hard floor). No intel/ drops in-window → no S5. No watchlists configured (product/supplier sweeps no-op). All four research sub-agents (S1–S4) returned within cap; models self-reported Sonnet 5 (research pin). Main agent: Claude Opus 4.8.

Verification & coverage notes

Published (4 files — 3 new + 1 update):

  • rejetto-hfs-...-cve-2026-61500 (vulnerability, notable) — VulnCheck six-CVE chain in Rejetto HFS < 3.2.1; CVE-2026-61500 pre-auth session forgery → RCE. Companion CVE ids (61501–61505) verified against NVD (per-CVE authority, not the THREATINT aggregator S1 first cited). No ITW exploitation; included because it is a pre-auth unauthenticated RCE in internet-facing file-sharing software with the patch just public — an out-of-band-patch decision for any exposed instance (the earlier uncited "2.x weaponisation history" rationale was removed at verification).
  • servicenow-ai-platform-...-cve-2026-6875 (vulnerability, notable) — unauth code-execution sandbox escape, CVSS 9.5, patched 2026-07-13; hosted instances fixed server-side by vendor, self-hosted/partner-managed = residual exposure. single-source (ServiceNow PSIRT first-party for its own product; EUVD mirrors). Calibrated to notable not high: no exploitation, no PoC, vendor already remediated the majority (hosted) population.
  • russia-ip-camera-hijacking-nato-military-supply-routes (incident, notable) — AIVD/MIVD disclosure of default-credential/outdated-firmware IP-camera hijacking along NATO logistics routes; NL/FR/DE/FI ambassador summons + NATO condemnation on 2026-07-13. single-source (AIVD/MIVD is the national-authority discloser but the substance was relayed via the ANP wire, not fetched from the agencies' own bulletin — see below; the formal national-CERT carve-out value is not claimed).
  • france-eu-turla-fsb-centre-16-attribution-french-victimology (threat, notable, update_of: 2026-07-13/fsb-centre-16-static-tundra-router-hijacking-advisory) — sibling FSB Centre 16 cluster (Turla/Secret Blizzard); France/EU attribution, French victimology, EU/UK sanctions on AO AST + NPP Gamma. Published as an update-delta rather than a full companion (PD-8) and framed around Turla's access tradecraft, deliberately distinct from the morning router-hijacking entry and today's IP-camera entry — three separate technical stories on one coordinated diplomatic day, kept from becoming near-duplicates.

Single-source / carve-outs:

  • russia-ip-camera-hijacking-... — Single-source (verification: single-source): the substance is a first-party AIVD/MIVD disclosure for their own jurisdiction, but it was reported via the ANP wire (NL Times) and the agencies' own bulletin was not directly reachable this run, so both cited URLs are ANP-sourced (not independent) and the formal single-source-national-cert carve-out value is deliberately NOT used. Independently carried by Ukrainska Pravda / UNITED24 / APA per search but those could not be fetched cleanly → credibility held at 2, confidence medium. No named Russian APT cluster stated (an earlier allied APT28/GRU-26165 camera-targeting attribution is background only, not carried).
  • servicenow-... — Single-source: ServiceNow's own security KB is the first-party authority for its product; EUVD mirrors the disclosure. No independent technical analysis yet.

Borderline drops:

  • borderline-drop: @zereight/mcp-gitlab path traversal (CVE-2026-61462) — niche third-party MCP connector, no novel technique (S1: "a further instance of the broader agentic-tooling exposure pattern"), no exploitation; the AI-agent-tooling supply-chain pattern is already well covered (GhostApproval 07-09, PraisonAI 07-11, friendly-fire 07-11). Marginal relevance to this constituency.
  • borderline-drop: Swiss Armed Forces Cyber Command OpenDesk / M365 exit — directly relevant to the constituency's core (Swiss federal/military sovereign-cloud posture) but a strategic/governance story with no operational defender action (no patch/hunt/block/detect; techniques[] empty). Belongs to the weekly strategic run, not an operational intel run. FLAG FOR WEEKLY: Republik 2026-07-09 + heise 2026-07-10, in-window republication via inside-it.ch 12:13Z; the Federal Chancellery's own fleet-wide M365 feasibility study is due mid-August 2026 (a watch item).
  • borderline-drop: Lidl online-shop service-provider breach (DE/BE/NL) — retail is off-sector for this org (sectors: public-sector/energy/water/transport/healthcare/finance/telco); no actor, no TTP (vector undisclosed), no CVE. Fails the stricter breach/incident inclusion gate — European geography alone with no CI/gov nexus and no transferable operational lesson.
  • (S4 fake-news-guard drops, logged in findings.S4.yaml: D1R vs Synopsys/Bosch, Qilin vs Retelit SpA — unconfirmed leak-site claims; ZEGO/AssuranceAmerica/Centers-Lab — out-of-nexus/stale.)

Verification loop (5 iterations — reached the cap, final CLEAN, confirmation waived): iter 1 (Opus) NEEDS_FIXES — F3 Turla COMCYBER over-attribution, F4 IP-camera doorbell/consumer embellishment; both remediated. iter 2 (Sonnet) first spawn died on an infrastructure session-limit error (no verdict); re-spawned after the 21:30 UTC reset and returned NEEDS_FIXES — confirmed iter-1 fixes held, found F4 Turla "Iranian servers" (not in ANSSI/CERT-FR primary), F4 Rejetto unsupported poc-public, F5 Rejetto uncited 2.x-weaponisation history; all remediated. iter 3 (Opus) CLEAN — all fixes confirmed. iter 4 (Sonnet, confirmation pass) did NOT confirm — cross-checked the Turla entry's own sources against each other and surfaced F9 date-range (CERT-FR says 2019–2025, entry had 2021), F9 heise/CERT-FR Iran contradiction, F5 ServiceNow uncited Jan-2026 comparison, F12 run-record single-source-national-cert mischaracterisation; all remediated. iter 5 (Opus) CLEAN — all iter-4 fixes confirmed, independent pass clean. Single CLEAN at the 5-iteration cap → publish under the double-CLEAN fail-open (confirmation_waived). No entry dropped by verification. Total run duration (~2.5 h) is dominated by the session-limit wait and the five sequential verifier iterations, not by research/composition — under the runaway threshold but longer than a normal quiet fire.

Deep-dive: none. The morning 12:12Z run already published today's deep dive (FSB Centre 16). No candidate this run independently earns deep-dive treatment with materially higher urgency (no active ITW exploitation of the vulns; Turla is an update; IP-camera is notable).

Completeness sweep: re-read all four findings sets including borderline items. The three drops above are gate-failures (off-scope, marginal, or strategic-not-operational), not space-driven omissions. S1's Apache Gravitino and S3's chased-and-dropped leads (JadePuffer, Dialogflow CX, coding-agent RCE) all traced to already-covered or out-of-window primaries. No genuinely-relevant operational item left behind.

Priority calibration: zero critical, zero high this run — appropriate for a quiet intraday window. Two notable vulns (both patched, neither exploited), one notable update (attribution/sanctions), one notable incident (nation-state, broad hardening lesson). No priority inflated to drive notifications.

  • Coverage gaps: ncsc-uk (RSS/feed path unresolved — 404s; listing still reachable via bridge); trendmicro-research (feed stale since 2026-06-29); cert-eu (advisories RSS stale since 2026-06-10); cert-at (English blog stale since 2026-06-01); industrialcyber-co (Cloudflare 403, unreachable via direct + jina — 3rd consecutive run); cisa-advisories (JS-rendered listing, no article links via bridge — cross-checked via WebSearch); shadowserver, snyk-research, cisa-directives, cert-pl (S1 slice) — not fetched, time allocation, no exclusive lead surfaced.
  • Essential-coverage: all 15 essential sources attempted across S1/S2; cisa-advisories listing returned no parseable article links (JS-rendered) and was cross-checked via WebSearch (no in-window item beyond already-covered AA26-194A / Joomla KEV). No essential source produced an unpublished in-window item.

← Operations dashboard · run-record contract: docs/pipeline.md