2026-07-14T2009Z-intel
One pipeline fire, in full · intel run of 2026-07-14 · sub-agent allocation and telemetry, per-iteration verification verdicts and findings, source-list edits, coverage gaps, bridge invocations — and the run's own verification & coverage notes: what was published, what was dropped at the borderline or judged not relevant (and why), single-source carve-outs, and contradictions. Rendered from runs/2026-07-14/2026-07-14T2009Z-intel.md.
Run telemetry
- Items returned
- 3
- Duration
- 8m 05s
- Tool calls
- not reported
- Cited sources
- 9 of 23 in slice
- Items returned
- 2
- Duration
- 12m 47s
- Tool calls
- not reported
- Cited sources
- 4 of 25 in slice
- Items returned
- 3
- Duration
- 12m 02s
- Tool calls
- not reported
- Cited sources
- 3 of 15 in slice
- Items returned
- 3
- Duration
- 9m 31s
- Tool calls
- not reported
- Cited sources
- 4 of 9 in slice
Verification
Deep dive
—
Entries published (this run)
- Microsoft July 2026 Patch Tuesday ships two actively-exploited zero-days — AD FS local EoP (CVE-2026-56155) and unauthenticated SharePoint EoP (CVE-2026-56164) vulnerability high
- SAP July 2026 Security Patch Day: three CVSS ≥9.1 flaws in NetWeaver AS ABAP, Approuter and Commerce Cloud — two reachable without authentication vulnerability notable
- CVE-2026-15409 — SonicWall SMA1000: unauthenticated SSRF (CVSS 10.0) chained to post-auth code injection, actively exploited vulnerability high
- Progress confirms the ShareFile Storage Zone Controller shutdown was forced by a path-traversal zero-day; patches 5.12.5 / 6.0.2 ship and service is restored vulnerability high update
- DragonForce lists Geneva's IFAGE adult-education foundation on its leak site, claiming 850 GB — an attribution and volume IFAGE has not confirmed incident notable
- Microsoft maps three ShinyHunters-tradecraft OAuth-abuse paths against Salesforce customers — none exploiting a Salesforce vulnerability research notable
- A lone actor used a jailbroken Gemini CLI to autonomously rebuild and redeploy C2 infrastructure in six minutes ("Patriot Bait") threat notable
- Cisco Talos maps the full taxonomy of Python-package build-time and import-time code execution ("The Serpent's Tongue") research notable
Sources changed (this run)
Edits this run made to sources/sources.json · promotions, demotions, new candidates, and fetch-method / category / reliability / url corrections (the run record's sources_changed[]). Paginated; 10 per page.
No source-list edits recorded for this run.
Coverage gaps (this run)
Sources this run's brief needed that returned no usable content via any documented recipe. Bridge-recovered or quiet-day sources do NOT appear here. (Distinct from the independent source-accessibility probe at the foot of this section, which probes all active sources regardless of what any run needed.)
No coverage gaps in this run · every source the brief needed returned usable content via its documented recipe.
Verification findings · all iterations
Per-iteration finding detail. Each table is one verifier pass · what was flagged, how the main agent remediated it, and the outcome. Walking the tables top-to-bottom shows the verifier's debugging trail across iterations.
Iteration #1 NEEDS_FIXES · 5 findings (truth=4, editorial=0, advisory=1) · Claude Opus 4.8 · —
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F3 claim-not-supported | — | The 'DART incident-response team as the finder' detail was attributed to the ZDI blog, but ZDI's page carries no DART mention; the DART credit is on the MSRC CVE-2026-56155 acknowledgements. Fact true | Re-attributed the DART-finder detail from ZDI to Microsoft's MSRC advisory (CVE-2026-56155). | |
| F4 hallucinated-fact | — | Both evidence[] quotes non-verbatim — one dropped 'the'; the other was an ellipsis-splice dropping 'a' and the source's endpoint clause. | Replaced both with contiguous verbatim substrings of the Talos post. | |
| F4 hallucinated-fact | — | All three evidence[] quotes non-verbatim — dropped words ('connected'/'their') and two spliced constructions the source does not contain contiguously. | Re-fetched the MSRC blog and replaced all three with contiguous verbatim substrings. | |
| F4 hallucinated-fact | — | 'with a criminal complaint filed' not supported by the only cited source (La Télé). | Dropped the 'with a criminal complaint filed' clause; the FDPIC report (source-supported) is retained. | |
| F11 editorial-advisory | — | Run-record note labelled the SonicWall entry 'multi-source' while the entry frontmatter is correctly single-source. | Aligned the run-record note to single-source (KEV noted as CVE status, not a linked source). |
Iteration #2 NEEDS_FIXES · 4 findings (truth=3, editorial=1, advisory=0) · Claude Sonnet 5 · —
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F4 hallucinated-fact | — | ZDI evidence[] quote truncated the source's closing clause and substituted a terminal period without an ellipsis. | Extended the quote to the full contiguous verbatim sentence including 'and worry about the score later.' | |
| F4 hallucinated-fact | — | SecurityWeek evidence[] quote substituted a period for a comma and dropped the trailing attribution clause. | Extended the quote to the full contiguous verbatim substring including ', SAP security firm Onapsis explains.' | |
| F4 hallucinated-fact | — | sectors: [healthcare] had no basis in either cited source; the dental-clinic victim is an incidental botnet infection, not a sector focus. | Set sectors: []; the dental-clinic detail remains in the body as a source-supported example. | |
| F17 ? | — | classification reliability A did not match the entry's primary-role source (BleepingComputer, B-tier), inconsistent with the SAP entry's same-run precedent. | Lowered reliability to B (credibility 1 unchanged). |
Iteration #3 NEEDS_FIXES · 1 finding (truth=1, editorial=0, advisory=0) · Claude Opus 4.8 · —
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F4 hallucinated-fact | — | Two facts unsupported by either cited source: 'operated in partnership with the Canton of Geneva' (underpinning the public-sector nexus) and 'no system encryption' (an inference from 'no ransom' prese | Removed both unsupported claims from the entry (summary, body, Defender-takeaway) and the registry summary; changed sectors from [public-sector, education] to [ |
Iteration #4 NEEDS_FIXES cap-breach · 1 finding (truth=1, editorial=0, advisory=0) · Claude Sonnet 5 · —
| F-code | Section | Item · URL/quote | Verifier summary | Remediation · outcome |
|---|---|---|---|---|
| F3 claim-not-supported | — | The entry cited NCSC-NL advisory NCSC-2026-0237 as corroborating 'both zero-days confirmed exploited,' but that advisory is a bulk monthly Office bulletin that never mentions CVE-2026-56155 (AD FS) an | Removed the NCSC-NL source and re-scoped the sourcing note: the exploited/zero-day status rests on the same-day CISA KEV listing (recorded in each CVE's status) |
Verification & coverage notes
The run record's narrative body, verbatim. This is where the run accounts for its own judgement calls — every borderline drop and judged-not-relevant item with its reason, dedup decisions, single-source items and their carve-outs, contradictions, and per-source coverage gaps — so nothing the run considered disappears silently.
Verification & coverage notesrun record body
2026-07-14T2009Z-intel · Claude Opus 4.8 · window 24 h · 8 entries published
Verification & coverage notes
Intraday fire; previous run 2026-07-14T1210Z-intel (~8 h gap). Window held at the 24 h floor. It happened to be Microsoft and SAP patch day (14 July), which drove an eventful window: eight entries cleared the gate (seven new, one update), none rated critical.
Operational incident — container reclaim + full reconstruction. After verifier iterations 1 (Opus) and 2 (Sonnet), during an extended idle wait for iteration 3 the execution container was reclaimed and re-cloned fresh from main, wiping all uncommitted work (the eight entries, this run record, the registry/state/sources edits, and the per-run work/ artefacts). No commit had yet been made (the publishing chain commits atomically only after verification). main had not advanced (no later fire published, base unchanged at 21e9c44), so the entries, state edits, and dedup context were reconstructed byte-for-identical to their post-iteration-2-fix state from the run's working context, and verification was re-run against the reconstructed files (iteration 3 onward). The wall-clock duration_seconds reflects the reclaim gap, not active processing; the true compose/verify work was ~35 min before the reclaim plus the reconstruction and re-verification after it. Sub-agent research telemetry (S1–S4) is preserved from the pre-reclaim returns.
- No deep dive. No candidate earned the long-form kill-chain treatment: the two exploited Microsoft zero-days and the SonicWall CVSS-10.0 chain have no published exploitation mechanics to walk through; SAP, the Talos survey and the ShinyHunters map are roundups/retrospectives; the Patriot Bait AI-C2 case is a low-CI-relevance fraud operation. Depth was not manufactured to fill the slot.
- No critical. The strongest candidate — SonicWall CVE-2026-15409 (CVSS 10.0, vendor-confirmed active exploitation, unauthenticated, internet-facing edge) — is an SSRF chained to a post-auth code-injection, not a direct pre-auth RCE, and the field observation (Volexity-assisted) reads as targeted rather than mass exploitation with a public PoC. The Microsoft zero-days are elevation-of-privilege (AD FS post-foothold; SharePoint a CVSS 5.3 EoP), not stop-the-world RCE. All three are patch-now, so they ship at
high; none clears the extreme critical bar. Where uncertain, high not critical. - Truth correction applied at compose time (not a verifier finding): the breaking-vulnerabilities research characterised Exchange Server CVE-2026-55008 as an "OWA XSS, near-term exploitation likely." The authoritative MSRC page classifies it as a spoofing vulnerability (cross-site scripting) requiring user interaction with an Unproven exploit-code-maturity rating. It is a UI-required, unexploited flaw that does not demand out-of-band action, so it was excluded from the Patch Tuesday entry's CVE table and noted for awareness only. The release's third zero-day (a publicly-disclosed, physical-access BitLocker recovery-mode bypass, reported unexploited) is likewise mentioned as context only, not action-worthy.
- Single-source / carve-out items: SonicWall SMA1000 (
single-source) — the sole citeable source is the vendor PSIRT advisory for its own product (vendor-advisory carve-out); CISA independently listed both CVEs on its KEV catalog the same day, recorded in the entry's CVE status (the KEV catalog root is not a citeable per-item source), and full mechanics rest on the vendor advisory. IFAGE/DragonForce (single-source, C3) — the DragonForce attribution and 850 GB figure rest on a single C-reliability outlet (Inside IT) and are unconfirmed by the victim; the underlying April 2026 breach is separately victim-confirmed (La Télé citing IFAGE) but narrower and with no vector disclosed. Framed as a watch item on the MedusaLocker/Canton-of-Zürich precedent (2026-07-02). Talos "Serpent's Tongue" (single-source) — technique survey from a high-reliability research lab. - borderline-drop: D1R Synopsys/Bosch/ARM extortion claim — an unconfirmed ransomware leak-site claim (no confirmation from any of Synopsys, Bosch or ARM; all reporting traces to the same leak-site post; C-tier journalism only). Fails the fake-news guard, which requires victim disclosure or high-reliability journalism for leak-site claims; the actor is a brand-new unknown with three listings. Recoverable as a new entry if victim confirmation emerges. (Distinct from the IFAGE item, whose underlying breach is victim-confirmed and which is a direct home-region hit.)
- borderline-drop: Lidl online-shop customer-data breach (DE/BE/NL) — a European retail consumer-PII exposure via an unnamed processor, victim-confirmed but out of the constituency's sector nexus (retail is not a profiled sector), with no named actor, no disclosed vector and no novel TTP; the third-party-processor exposure lesson is generic and already amply covered. Geographic proximity alone did not carry it over the breach-inclusion gate.
- Also dropped upstream by the incidents research (out of nexus / no transferable TTP): UK NCA charges tied to the Russian Coms spoofing platform (legal update on a 2024 takedown); Nihon Kotsu taxi-operator malware (Japan-only, no actor/TTP); Centers Laboratory (NJ) and AssuranceAmerica (US) consumer-PII breaches (US-only, no EU/CH nexus, no transferable TTP).
- out-of-window drop: Swiss Kommando Cyber → OpenDesk migration (freshest source inside-it.ch 2026-07-13T12:13Z, just below the 24 h floor); a one-off sourcing/policy decision better suited to the weekly strategic/policy lens than an operational intel entry.
- SAP consolidation: the SAP July Patch Day surfaced independently in both the breaking-vulnerabilities and the home-region research passes; published as a single consolidated entry citing NCSC-CH, SAP's notes page, Onapsis and SecurityWeek.
- Watchlist: no product or supplier watchlist is configured for this deployment — the product and supplier sweeps are no-ops; the sector/region lens was applied throughout.
- Coverage gaps: cert-eu, ncsc-uk (not separately queried — the in-window Patch-Tuesday/SAP CVE set was corroborated via NCSC-NL and NCSC-CH); enisa-euvd (recent-exploited listing only); group-ib, ibm-xforce (JS-only/CMS listing pages returned no enumerable posts — recipe probe owed on a future run); cert-at, cert-pl, enisa, withsecure-labs, truesec, synacktiv, compass-security, cnil-fr, le-monde-info, jpcert, ico-uk, sec-disclosures-edgar, troyhunt, us-treasury-ofac — fetched, quiet or no in-window nexus content.
← Operations dashboard · run-record contract: docs/pipeline.md