Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure is the top review-now item: exploit status active with 1 KQL hunt(s).
Review Now
These items have confirmed active exploitation, KEV/ransomware evidence, or trusted advisory evidence. Treat as immediate triage.
- Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure | score 47 | exploit status active | KQL: MDE edge/service exploitation telemetry triage. Evidence: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure.
Monitor
These are notable but currently lack active-exploitation evidence in configured sources.
- SANS Stormcast Thursday, June 11th, 2026: Framing Protections; npm improvements; Adobe Patches; New Defender 0-day | score 40 | exploit status active | flags: no_primary_source, active_claim_without_evidence. Evidence: SANS Stormcast Thursday, June 11th, 2026: Framing Protections; npm improvements; Adobe Patches; New Defender 0-day.
- Authorities dismantle ‘AudiA6’ ransomware crypto-laundering service | score 35 | exploit status none | flags: no_primary_source, no_exploitation_signal. Evidence: Authorities dismantle ‘AudiA6’ ransomware crypto-laundering service.
- Who Runs the Ransomware Group “The Gentlemen?” | score 35 | exploit status none | flags: no_primary_source, no_exploitation_signal | KQL: Sentinel identity/M365 suspicious admin and consent activity. Evidence: Who Runs the Ransomware Group “The Gentlemen?”.
- RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-b… | score 25 | exploit status none | CVE: CVE-2026-45039 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-45039. Evidence: nvd.
- Why AI-driven threats are exposing the limits of MSP security stacks | score 25 | exploit status none | flags: no_primary_source, no_exploitation_signal. Evidence: Why AI-driven threats are exposing the limits of MSP security stacks.
Background
- DeepCode through commit c991dc2 contains a path traversal vulnerability in th… | score 30 | exploit status none | CVE: CVE-2026-32847 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-32847. Evidence: nvd.
- **vllm-project/vllm version 0.14.1 contains a vulnerability where the trust_re...** | score 30 | exploit status none | CVE: CVE-2026-4944 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-4944. Evidence: nvd.
- Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock… | score 30 | exploit status none | CVE: CVE-2026-47331 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-47331. Evidence: nvd.
- Automad is a flat-file content management system and template engine. From 2…. | score 25 | exploit status none | CVE: CVE-2026-45332 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-45332. Evidence: nvd.
- RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-b… | score 23 | exploit status none | CVE: CVE-2026-45044 | flags: no_exploitation_signal | KQL: MDE exposure: devices with CVE-2026-45044; MDE edge/service exploitation telemetry triage. Evidence: nvd.