OpenCTI-Platform/connectors
OpenCTI Connectors
30 Releases
Latest: 2d ago
Version 7.260624.07.260624.0Latest
Filigran-Automation·2d ago·June 24, 2026📋 Changes
- [#6744](https://github.com/OpenCTI-Platform/connectors/issues/6744) feat(google-secops-siem-incidents): implement filtering mecanism
- [#6781](https://github.com/OpenCTI-Platform/connectors/issues/6781) fix(dogesec-vulmatch): HTTP 414 URI Too Long.
- [#6668](https://github.com/OpenCTI-Platform/connectors/issues/6668) fix(dogesec-cyberthreatexchange): add support for paginating via cursor on `FEED/<id>/objects`
- [#6600](https://github.com/OpenCTI-Platform/connectors/issues/6600) fix(all): resolve conflict between connectors with similar names or slugs
- [#6177](https://github.com/OpenCTI-Platform/connectors/issues/6177) fix(phishunt): public feed returns HTTP 403 due to missing User-Agent header in urlopen()
- fix(dogesec-vulmatch): reduce chunk size (#6781) by @fqrious in https://github.com/OpenCTI-Platform/connectors/pull/6783
- fix(phishunt): add User-Agent header to public feed request to fix HTTP 403 (#6177) by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6764
- chore(deps): update dependency pytest to v9 [security] by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6757
- + 9 more
Version 7.260619.07.260619.0
Filigran-Automation·1w ago·June 19, 2026📋 Changes
- [#6725](https://github.com/OpenCTI-Platform/connectors/issues/6725) feat(akamai): migrate akamai stream connector to the catalog
- [#5657](https://github.com/OpenCTI-Platform/connectors/issues/5657) feat(flare-io): create and verify the connector
- [#5260](https://github.com/OpenCTI-Platform/connectors/issues/5260) refactor(microsoft-defender-incidents): migrate connector to be connector manager supported
- [#6753](https://github.com/OpenCTI-Platform/connectors/issues/6753) fix(ransomwarelive): create_intrusion_set and create_report should default to true
- [#6629](https://github.com/OpenCTI-Platform/connectors/issues/6629) fix(crowdstrike): handle AttributeError when logging paginated query errors
- [#6569](https://github.com/OpenCTI-Platform/connectors/issues/6569) fix(doppel): domain observables incorrectly created as Phone-Number type
- chore(deps): update dependency beautifulsoup4 to v4.15.0 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6705
- chore(google-secops-siem-incidents): improve connector manifest and logo (#6750) by @romain-filigran in https://github.com/OpenCTI-Platform/connectors/pull/6750
- + 11 more
Version 7.260615.07.260615.0
Filigran-Automation·1w ago·June 16, 2026📋 Changes
- [#6562](https://github.com/OpenCTI-Platform/connectors/issues/6562) perf(google-ti): optimize attack_patterns fetching by checking counters before API call
- [#6392](https://github.com/OpenCTI-Platform/connectors/issues/6392) feat(cve): add support for CVSS 3.0 metrics
- [#6299](https://github.com/OpenCTI-Platform/connectors/issues/6299) feat(ransomwarelive): add group and report enrichment (aliases, leak sites, external references, TTPs)
- [#6286](https://github.com/OpenCTI-Platform/connectors/issues/6286) feat(trukno): add external import connector
- [#1032](https://github.com/OpenCTI-Platform/connectors/issues/1032) feat(import-document): implement docx/xlsx compatibility
- [#6697](https://github.com/OpenCTI-Platform/connectors/issues/6697) fix(ismalicious): repo-wide lint fails on master (black + flake8 F401 in tests)
- [#6690](https://github.com/OpenCTI-Platform/connectors/issues/6690) fix(ismalicious): incorrect enrichment API URL and authentication
- [#6679](https://github.com/OpenCTI-Platform/connectors/issues/6679) fix(tweetfeed): invalid escape sequence
- + 24 more
Version 7.260609.07.260609.0
Filigran-Automation·2w ago·June 9, 2026📋 Changes
- [#6261](https://github.com/OpenCTI-Platform/connectors/issues/6261) [google-safebrowsing] Support Yandex SafeBrowsing
- [#6157](https://github.com/OpenCTI-Platform/connectors/issues/6157) [New Connector] CTM360 CyberBlindSpot Feed (External Import)
- [#5406](https://github.com/OpenCTI-Platform/connectors/issues/5406) feat(google-secops-siem-incidents): create connector to collect incidents and discovered IOCs
- [#6661](https://github.com/OpenCTI-Platform/connectors/issues/6661) fix(internal-export-csv): MD5 hashes missing and field mapping inconsistent in CSV export from report observables
- [#6611](https://github.com/OpenCTI-Platform/connectors/issues/6611) fix(feedly): memory leak causing OOM events
- [#6590](https://github.com/OpenCTI-Platform/connectors/issues/6590) [SigmaHQ] Connector imports no rules — asset matching broken with current release format
- [#6578](https://github.com/OpenCTI-Platform/connectors/issues/6578) [Proofpoint-tap] Fix aiohttp lib error from new version
- [#6576](https://github.com/OpenCTI-Platform/connectors/issues/6576) [polyswarm-enrichment] polykg lookups attempted when POLYKG_API_URL is unset
- + 32 more
Version 7.260604.07.260604.0
Filigran-Automation·3w ago·June 4, 2026📋 Changes
- [#6548](https://github.com/OpenCTI-Platform/connectors/issues/6548) [email-intel-imap] Plain text email body not populated in Report content
- [#6189](https://github.com/OpenCTI-Platform/connectors/issues/6189) [Crowdstrike] Add "modified" indicator attribute
- [#6160](https://github.com/OpenCTI-Platform/connectors/issues/6160) [New Connector] Qualys CVE Enrichment (Internal Enrichment)
- [#6159](https://github.com/OpenCTI-Platform/connectors/issues/6159) [New Connector] CTM360 HackerView Feed (External Import)
- [#6158](https://github.com/OpenCTI-Platform/connectors/issues/6158) [New Connector] CTM360 CYNA Feed (External Import)
- [#6156](https://github.com/OpenCTI-Platform/connectors/issues/6156) Add external import for BeaconBeagle Data
- [#5923](https://github.com/OpenCTI-Platform/connectors/issues/5923) [Google TI] Ingest and model GTI "software toolkits" as Tool objects with relationship mapping
- [#6580](https://github.com/OpenCTI-Platform/connectors/issues/6580) [sentinelone-intel] Fix URL to avoid double slash
- + 31 more
Version 7.260529.07.260529.0
Filigran-Automation·3w ago·May 29, 2026📋 Changes
- [#6412](https://github.com/OpenCTI-Platform/connectors/issues/6412) [MISP] Connector loops indefinitely on first run when "import_from_date" is not set (defaults to "now")
- [MISP] Fix loop when import_from_date is not set by @Ninoxe in https://github.com/OpenCTI-Platform/connectors/pull/6517
- [CI] Add GitHub Actions workflow for UBI9 Docker image builds by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6542
- [docker] Deliver additional connector with UBI9 base image (#6424) by @xfournet in https://github.com/OpenCTI-Platform/connectors/pull/6425
Version 7.260527.07.260527.0
Filigran-Automation·4w ago·May 27, 2026📋 Changes
- [#6512](https://github.com/OpenCTI-Platform/connectors/issues/6512) [stream-importer] Discard already-processed files instead of raising WrongFileOrder
- [#6510](https://github.com/OpenCTI-Platform/connectors/issues/6510) [digintlab-dep] Refactor into modules and add configurable primary-object type
- [#6452](https://github.com/OpenCTI-Platform/connectors/issues/6452) [teamt5] Rewrite connector on connectors-sdk Pydantic settings and shared handler architecture
- [#6411](https://github.com/OpenCTI-Platform/connectors/issues/6411) [import-doc-ai] Add support for XTM One agent
- [#6407](https://github.com/OpenCTI-Platform/connectors/issues/6407) [assemblyline] Add new internal-enrichment connector for AssemblyLine 4 sandbox analysis
- [#6321](https://github.com/OpenCTI-Platform/connectors/issues/6321) [mitre-attack] Fix kill chain phases order for new MITRE ATT&CK v19 tactics (Stealth & Defense Impairment)
- [#6243](https://github.com/OpenCTI-Platform/connectors/issues/6243) [Google TI] Import IOCs using the "Steady-State IOC Deltas" API
- [#6199](https://github.com/OpenCTI-Platform/connectors/issues/6199) [IPQS Analyzer] - new integration
- + 58 more
Version 7.260522.07.260522.0
Filigran-Automation·1mo ago·May 22, 2026📋 Changes
- [#6445](https://github.com/OpenCTI-Platform/connectors/issues/6445) [sdk] Add created in commom properties for base identified entity
- [#6437](https://github.com/OpenCTI-Platform/connectors/issues/6437) [Portspoof Pro] New external-import connector for PortSpoofPro session telemetry
- [#6435](https://github.com/OpenCTI-Platform/connectors/issues/6435) [virustotal-livehunt-notifications] Propagate malware-config IOCs, per-type indicators, and per-run notifications cap
- [#6406](https://github.com/OpenCTI-Platform/connectors/issues/6406) [yara] Propagate 'indicates' Malware relationships and labels from matching YARA Indicator to enriched Artifact
- [#5313](https://github.com/OpenCTI-Platform/connectors/issues/5313) [crowdstrike] Link IntrusionSet to Vulnerabilities when processing the 'vulnerability' data collection
- [#5178](https://github.com/OpenCTI-Platform/connectors/issues/5178) [Google TI] Connector does not download the actual PDF of the report
- [#5165](https://github.com/OpenCTI-Platform/connectors/issues/5165) [Flashpoint] Migrate Flashpoint connector to API v2 for IOC ingestion
- [#6438](https://github.com/OpenCTI-Platform/connectors/issues/6438) [crowdstrike] Handle missing indicator scope permission gracefully
- + 18 more
Version 7.260521.07.260521.0
Filigran-Automation·1mo ago·May 21, 2026📋 Changes
- [tool] chore(deps): Update dependency google-auth to v2.53.0 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6381
- [tool] chore(deps): Update dependency google-auth-httplib2 to v0.4.0 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6382
- [CI] Migrate lint and format checks from CircleCI to GitHub Actions by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6417
Version 7.260520.07.260520.0
Filigran-Automation·1mo ago·May 20, 2026📋 Changes
- [#6407](https://github.com/OpenCTI-Platform/connectors/issues/6407) [assemblyline] Add new internal-enrichment connector for AssemblyLine 4 sandbox analysis
- [#6399](https://github.com/OpenCTI-Platform/connectors/issues/6399) [ipqs] Add Darkweb-Leak enrichment for User-Account observables
- [#6401](https://github.com/OpenCTI-Platform/connectors/issues/6401) [intel471-darknet] New external-import connector for Intel 471 darknet alerts
- [#6402](https://github.com/OpenCTI-Platform/connectors/issues/6402) [matrix] New external-import connector for Matrix homeservers
- [#6403](https://github.com/OpenCTI-Platform/connectors/issues/6403) [mattermost] New external-import connector for Mattermost channels
- [#6337](https://github.com/OpenCTI-Platform/connectors/issues/6337) [Google TI] Additional API query filters to retrieve collections data
- [#6172](https://github.com/OpenCTI-Platform/connectors/issues/6172) [taxii-post] Stop the removal of Marking References and Authors
- [#6447](https://github.com/OpenCTI-Platform/connectors/issues/6447) [stream-exporter] Connector silently gets stuck when MinIO upload fails
- + 22 more
Version 7.260515.07.260515.0
Filigran-Automation·1mo ago·May 15, 2026📋 Changes
- [#4919](https://github.com/OpenCTI-Platform/connectors/issues/4919) [MISP] Add an option configuration to let users map the MISP threat level value on an OpenCTI score
- [#4450](https://github.com/OpenCTI-Platform/connectors/issues/4450) [CybelAngel] Create a connector
- [#4413](https://github.com/OpenCTI-Platform/connectors/issues/4413) [ransomfeed]: Create an external-import connector
- [#6404](https://github.com/OpenCTI-Platform/connectors/issues/6404) [stream-importer] ChannelClosedByBroker raised by RabbitMQ is not handled (sent_errors_total never incremented)
- [#4798](https://github.com/OpenCTI-Platform/connectors/issues/4798) isort non-deterministic behavior across repo root vs connector subdirectories
- [#4571](https://github.com/OpenCTI-Platform/connectors/issues/4571) 6.7.16 - [cyber-campaign-collection] & [attribution-tools] - DeprecationWarning for utcfromtimestamp
- [#4532](https://github.com/OpenCTI-Platform/connectors/issues/4532) [MISP] Connector incorrectly assigns all event labels to observables instead of attribute-only labels
- [#4497](https://github.com/OpenCTI-Platform/connectors/issues/4497) Crowdstrike Connector not paginating results
- + 11 more
Version 7.260513.07.260513.0
Filigran-Automation·1mo ago·May 13, 2026📋 Changes
- [#6388](https://github.com/OpenCTI-Platform/connectors/issues/6388) [cvelistv5] New external-import connector for the CVE Program git repository
- [#6361](https://github.com/OpenCTI-Platform/connectors/issues/6361) [MISP] Handle "threat-actor" attribute (category: Attribution) during MISP event conversion
- [#4067](https://github.com/OpenCTI-Platform/connectors/issues/4067) [misp-feed-connector] Add (Basic)-Authentication option for non-public feeds
- [#6391](https://github.com/OpenCTI-Platform/connectors/issues/6391) [urlscan-enrichment] Stop logging the 'no screenshot returned' warning when import_screenshot is disabled
- [#6386](https://github.com/OpenCTI-Platform/connectors/issues/6386) [all] Fix requests max version
- [#6343](https://github.com/OpenCTI-Platform/connectors/issues/6343) [AbuseIPDB] AbuseIPDB connector crashes with KeyError on missing `reporterCountryCode` field
- [all] Fix requests max version by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6387
- [cvelistv5] New external-import connector for the CVE Program git repository by @hanfil in https://github.com/OpenCTI-Platform/connectors/pull/3998
- + 11 more
Version 7.260512.07.260512.0
Filigran-Automation·1mo ago·May 12, 2026📋 Changes
- [#6353](https://github.com/OpenCTI-Platform/connectors/issues/6353) [ci] Prevent merge when label do not merge on the PR
- [#6206](https://github.com/OpenCTI-Platform/connectors/issues/6206) [Connectors-SDK] Implement StateManager
- [#6329](https://github.com/OpenCTI-Platform/connectors/issues/6329) [Recorded Future] Alerts module does not honor `rf_initial_lookback` on first run
- [#5714](https://github.com/OpenCTI-Platform/connectors/issues/5714) Crowdstrike connector imported reports 13 years old
- [#5707](https://github.com/OpenCTI-Platform/connectors/issues/5707) [HARFANGLAB Incident] "Invalid value for File 'hashes'
- [crowdstrike] Add filter to not import old reports by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6356
- [harfanglab-incidents] Fix missing hashes by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6350
- [ci] Do not merge label check by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6354
- + 6 more
Version 7.260510.07.260510.0
Filigran-Automation·1mo ago·May 10, 2026**Full Changelog**: https://github.com/OpenCTI-Platform/connectors/compare/7.260507.0...7.260510.0
Version 7.260507.07.260507.0
Filigran-Automation·1mo ago·May 7, 2026📋 Changes
- [#6346](https://github.com/OpenCTI-Platform/connectors/issues/6346) [OpenCTI Stream] New external-import connector to forward live stream events
- [#6236](https://github.com/OpenCTI-Platform/connectors/issues/6236) [Google TI] Reduce quota usage by resolving related entities
- [tool] chore(deps): Update dependency google-auth to v2.50.0 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6335
- [Google TI Feeds] fetch relationship entities directly from collections API by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6316
- [OpenCTI Stream] Add new external-import connector to forward live stream events by @SamuelHassine in https://github.com/OpenCTI-Platform/connectors/pull/6347
Version 7.260506.07.260506.0
Filigran-Automation·1mo ago·May 6, 2026📋 Changes
- [#6318](https://github.com/OpenCTI-Platform/connectors/issues/6318) [Crowdstrike] Add regex-based IOC extraction from report content
- [#6306](https://github.com/OpenCTI-Platform/connectors/issues/6306) [Google TI] Add metrics about API call usage
- [#6275](https://github.com/OpenCTI-Platform/connectors/issues/6275) [Crowdstrike] Add configuration capacity to drop indicators if their creation date is too old
- [#6137](https://github.com/OpenCTI-Platform/connectors/issues/6137) [Criminal IP] Verify the connector
- [#6131](https://github.com/OpenCTI-Platform/connectors/issues/6131) [Sublime] Verify the connector
- [#5822](https://github.com/OpenCTI-Platform/connectors/issues/5822) [google-secops-siem] Migrate connector to be connector manager supported #5247
- [#5266](https://github.com/OpenCTI-Platform/connectors/issues/5266) [doppel] Migrate connector to be connector manager supported
- [#6333](https://github.com/OpenCTI-Platform/connectors/issues/6333) [doppel] Invalid connector 'scope' when deploying through the composer
- + 11 more
Version 7.260430.07.260430.0
Filigran-Automation·1mo ago·April 30, 2026📋 Changes
- [#6244](https://github.com/OpenCTI-Platform/connectors/issues/6244) [Google TI] Map GTI campaign "motivation" field to OpenCTI campaign "objective" field
- [#6012](https://github.com/OpenCTI-Platform/connectors/issues/6012) [cve] Add optional Software/CPE import (#1604, #1949, #1449) & fix duplicate vulnerabilities in _filter_cvss (#5964)
- [#6313](https://github.com/OpenCTI-Platform/connectors/issues/6313) [RecordedFuture] KeyError on 'criticality' field causes Domain Abuse playbook alerts to be skipped
- [Google dtm] Update pytest from 8.4.2 to 9.0.3 by @dependabot[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6314
- [tool] chore(deps): Update dependency dateparser to v1.4.0 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6295
- [Recorded Future] Fix unsafe key access in panel evidence summary fields by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6317
- [CVE] Refactor NVD API clients to async with streaming TaskGroup by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6195
- [Google TI Feeds] map campaign motivations to STIX objective by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6309
Version 7.260309.0-lts.47.260309.0-lts.4
Filigran-Automation·1mo ago·April 30, 2026**Full Changelog**: https://github.com/OpenCTI-Platform/connectors/compare/7.260309.0-lts.3...7.260309.0-lts.4
Version 7.260428.07.260428.0
Filigran-Automation·1mo ago·April 28, 2026📋 Changes
- [#6206](https://github.com/OpenCTI-Platform/connectors/issues/6206) [Connectors-SDK] Implement StateManager
- [#6298](https://github.com/OpenCTI-Platform/connectors/issues/6298) [Recorded Future] RECORDED_FUTURE_TA_TO_INTRUSION_SET=true rejected with ValidationError after upgrade to 7.260422.0
- [#6204](https://github.com/OpenCTI-Platform/connectors/issues/6204) [Checkfirst] Connector flooding OpenCTI Redis stream
- [checkfirst] Remove start_time attribute on relationships (deduplication) by @ncarenton in https://github.com/OpenCTI-Platform/connectors/pull/6281
- [Recorded Future] ta to intrusion set as boolean (#6298) by @Kakudou in https://github.com/OpenCTI-Platform/connectors/pull/6301
- [recorded future] ta to intrusion set as boolean (#6298) by @Kakudou in https://github.com/OpenCTI-Platform/connectors/pull/6305
- [connectors-sdk] Create `ConnectorStateManager` class by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/6222
Version 7.260423.07.260423.0
Filigran-Automation·2mo ago·April 23, 2026📋 Changes
- [#4171](https://github.com/OpenCTI-Platform/connectors/issues/4171) [servicenow-vr-app] Create a ServiceNow App for Vulnerability Response module
- [#6289](https://github.com/OpenCTI-Platform/connectors/issues/6289) [doppel] Update Doppel connector documentation for mandatory fields
- [#6269](https://github.com/OpenCTI-Platform/connectors/issues/6269) [microsoft-sentinel-intel] Search query timeout
- [#6242](https://github.com/OpenCTI-Platform/connectors/issues/6242) [chapsvision] Fix non-deterministic STIX ID in multiple functions
- [#6240](https://github.com/OpenCTI-Platform/connectors/issues/6240) [thehive] Fix non-deterministic STIX ID in Note generation
- [#6184](https://github.com/OpenCTI-Platform/connectors/issues/6184) [microsoft-sentinel-intel] DELETE operation fails at scale due to full-text search in indicator lookup
- [tool] chore(deps): Update dependency cyberintegrations to v0.14.1 by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6229
- [tool] chore(deps): Update dependency lxml to v6 [SECURITY] by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6278
- + 5 more
Version 7.260422.07.260422.0
Filigran-Automation·2mo ago·April 22, 2026📋 Changes
- [#6182](https://github.com/OpenCTI-Platform/connectors/issues/6182) [Misp-Intel] Handling of round-trip events MISP
- [#6125](https://github.com/OpenCTI-Platform/connectors/issues/6125) [Elastic Security] Add mTLS authentication
- [#5854](https://github.com/OpenCTI-Platform/connectors/issues/5854) [Elastic Security Intel] Add support for mTLS Authentication
- [#5247](https://github.com/OpenCTI-Platform/connectors/issues/5247) [yara-scan] Migrate connector to be connector manager supported
- [#4941](https://github.com/OpenCTI-Platform/connectors/issues/4941) [ImportDocIA]: Use new /stix endpoint from ariane service
- [#3848](https://github.com/OpenCTI-Platform/connectors/issues/3848) [google-dtm]: Create a connector for Google Digital Threat Monitoring
- [#2694](https://github.com/OpenCTI-Platform/connectors/issues/2694) [Akamai]: Create the connector
- [#1515](https://github.com/OpenCTI-Platform/connectors/issues/1515) [yara] Add marking to Artifact->Indicator relationship
- + 16 more
Version 7.260417.07.260417.0
Filigran-Automation·2mo ago·April 17, 2026📋 Changes
- [#6257](https://github.com/OpenCTI-Platform/connectors/issues/6257) [all] Fix defaults for config fields accepting ISO 8601 durations
- [all] Fix dynamic defaults for import start dates by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/6258
Version 7.260416.07.260416.0
labo-flg·2mo ago·April 16, 2026📋 Changes
- #5174 [Microsoft Sentinel Intel] Batch processing of stream events and batch uploading
- #5248 [vx-vault] Migrate connector to connector manager supported
- #5922 [Google TI] Map "alt_names_details" to Campaign aliases
- #6103 [Google TI] Import Vulnerability summary/analysis into description
- #6105 [Google TI] Map Vulnerability source references to external_references
- #6107 [team-cymru-scout-search] Support Scout pattern enrichment for TEXT indicators
- #6212 [USTA] New External Import connector for USTA PRODAFT platform
- #6220 [Accenture-CTI] Convert threat actors to intrusion sets
- + 33 more
Version 7.260309.0-lts.37.260309.0-lts.3
labo-flg·2mo ago·April 10, 2026📋 Changes
- #5959 Fix continuous integration for LTS builds
- [ci] Add parameters to set the base branch (#5959) by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6086
Version 7.260409.07.260409.0
labo-flg·2mo ago·April 9, 2026📋 Changes
- [#1816](https://github.com/OpenCTI-Platform/connectors/issues/1816) [All connectors] Update all connectors to be aligned with confidence level changes
- [#2051](https://github.com/OpenCTI-Platform/connectors/issues/2051) [VirusTotal] Be able to enrich Indicator with VirusTotal connector
- [#3653](https://github.com/OpenCTI-Platform/connectors/issues/3653) [CrowdStrike-Endpoint-Security] Allow an Environment Variable to Allow Blocking Hash Based Indicators rather than Detect Only
- [#5924](https://github.com/OpenCTI-Platform/connectors/issues/5924) [Google TI] Map "analyst_comment" field to a Note object attached to the Report
- [#6122](https://github.com/OpenCTI-Platform/connectors/issues/6122) [Censys] Add certificate discovery for domain enrichment
- [#6124](https://github.com/OpenCTI-Platform/connectors/issues/6124) [MISP Connector] Search (Query) Limit with configuration variable
- [#4209](https://github.com/OpenCTI-Platform/connectors/issues/4209) [VirusTotal] Connector Updates Score with Wrong Value
- [#5095](https://github.com/OpenCTI-Platform/connectors/issues/5095) MISP connector doesn't trigger periodic syncs
- + 20 more
✨ New Contributors:
- @Ch-Philou made their first contribution in https://github.com/OpenCTI-Platform/connectors/pull/5809
- @aleitao made their first contribution in https://github.com/OpenCTI-Platform/connectors/pull/5429
- Full Changelog: https://github.com/OpenCTI-Platform/connectors/compare/7.260401.0...7.260409.0
Version 6.9.296.9.29
labo-flg·2mo ago·April 7, 2026📋 Changes
- [ci] Add parameters to set the base branch (#5959) by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6087
Version 7.260401.07.260401.0
Filigran-Automation·2mo ago·April 1, 2026📋 Changes
- [#6113](https://github.com/OpenCTI-Platform/connectors/issues/6113) [CISA KEV] Support selective field update — update KEV field only without overwriting other vulnerability data
- [#5977](https://github.com/OpenCTI-Platform/connectors/issues/5977) [Doppel] Improve and verify the connector
- [#5934](https://github.com/OpenCTI-Platform/connectors/issues/5934) [Checkfirst] Verify the connector
- Update dependency requests to v2.33.0 [SECURITY] by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/6081
- [all] chore: Do not check PR title if author is renovate by @jabesq in https://github.com/OpenCTI-Platform/connectors/pull/6084
- [checkfirst] Update connector to be "manager_supported" by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/6032
- [connectors-sdk] Add missing `RelationshipType` values by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/6069
- [connectors-sdk] Add text and sighting to models by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/6064
- + 13 more
Version 7.260326.07.260326.0
Filigran-Automation·3mo ago·March 26, 2026📋 Changes
- [#6062](https://github.com/OpenCTI-Platform/connectors/issues/6062) [ESET enrichment] Add TLP for enriched report data
- [#6048](https://github.com/OpenCTI-Platform/connectors/issues/6048) [taxii-post] Add config for api root
- [#6029](https://github.com/OpenCTI-Platform/connectors/issues/6029) [greynoise-feed] Update GreyNoise SDK and rework connector processing
- [#6028](https://github.com/OpenCTI-Platform/connectors/issues/6028) [greynoise] Update to SDK v3 and User Fixes
- [#6026](https://github.com/OpenCTI-Platform/connectors/issues/6026) [greynoise-vuln] Support updated v3 SDK and remove unnecessary API key check
- [#6015](https://github.com/OpenCTI-Platform/connectors/issues/6015) [mwdb] Set indicator_types and x_opencti_main_observable_type on STIX Indicators
- [#6014](https://github.com/OpenCTI-Platform/connectors/issues/6014) [DigintLab-DEP] Create Sector entities linked to victims
- [#6013](https://github.com/OpenCTI-Platform/connectors/issues/6013) [criminal-ip] New enrichment connector
- + 48 more
✨ New Contributors
- @jsshim-aispera made their first contribution in https://github.com/OpenCTI-Platform/connectors/pull/5986
- @MrStarkEG made their first contribution in https://github.com/OpenCTI-Platform/connectors/pull/5881
- Full Changelog: https://github.com/OpenCTI-Platform/connectors/compare/7.260318.0...7.260326.0
Version 7.260309.0-lts.27.260309.0-lts.2
Filigran-Automation·3mo ago·March 23, 2026📋 Changes
- #5948 [CI] Trigger release build on LTS tag
- #5933 [MISP] Check the buffering state while sending batch chunks
- #6030 [tenable-vuln-management] Fix unexpected API response error
- black updated to 26.1.0 to 26.3.1
Version 7.260318.07.260318.0
Filigran-Automation·3mo ago·March 18, 2026📋 Changes
- [#5951](https://github.com/OpenCTI-Platform/connectors/issues/5951) [connectors-sdk] Add missing refs to observables
- [#5214](https://github.com/OpenCTI-Platform/connectors/issues/5214) [proofpoint-tap] Migrate connector to be connector manager supported
- Update dependency black to v26.3.1 [SECURITY] by @renovate[bot] in https://github.com/OpenCTI-Platform/connectors/pull/5971
- [ci] try to rebase before pushing manifest by @throuxel in https://github.com/OpenCTI-Platform/connectors/pull/5990
- [connectors-sdk] Add missing `belongs_to` and `resolves_to` fields by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/5952
- [connectors-sdk] Suppress `UserWarning` emitted from `BaseSettings` during tests by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/5955
- [proofpoint-tap] Update connector to be "manager_supported" by @Powlinett in https://github.com/OpenCTI-Platform/connectors/pull/5935