mitre-t1021
110 articles with this tag
[HIGH] PureLogs Variant Steals Data via Purchase Order Lures
[CRITICAL] Drupal bug added to CISA list of known exploited vulnerabilities
[HIGH] Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
[HIGH] Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
[HIGH] WantToCry ransomware evades detection through SMB abuse, remote encryption
[HIGH] Hackers bypass SonicWall VPN MFA due to incomplete patching
[MEDIUM] A 6-step guide for responding to the Foxconn ransomware/supply chain incident
[HIGH] Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
[CRITICAL] GitHub Actions Supply Chain Attack Redirects Tags to Steal CI/CD Credentials
[HIGH] The Canvas breach proved that prevention is no longer enough
[MEDIUM] Kazuar: Anatomy of a nation-state botnet
[HIGH] TeamPCP releases ‘vibe coded’ Shai-Hulud source code, issues challenge
[HIGH] Kazuar: Anatomy of a nation-state botnet
[HIGH] North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
[HIGH] Kazuar: Anatomy of a nation-state botnet
[HIGH] Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns
[HIGH] House committee chair calls on Instructure to testify in Canvas hack
[CRITICAL] When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
[MEDIUM] New GhostLock tool abuses Windows API to block file access
[INFO] South Staffordshire Water Fined £1m After Data Breach
[MEDIUM] New GhostLock tool abuses Windows API to block file access
[HIGH] PCPJack Campaign Boots TeamPCP Off Compromised Machines
[CRITICAL] Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
[MEDIUM] 15-year-old detained over French govt agency data breach
[HIGH] PromptMink: ReversingLabs discloses 7-month DPRK supply chain campaign using LLM Optimization (LLMO) to target AI coding agents via npm
[HIGH] Alleged Silk Typhoon hacker extradited to the United States to face charges
[CRITICAL] 89 vulnerabilities in XAPI / Citrix XenServer
[HIGH] Chinese national extradited to US for pandemic-era Silk Typhoon attacks
[HIGH] Ongoing supply-chain attack 'explicitly targeting' security, dev tools
[CRITICAL] PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
[CRITICAL] CISA: Malware attack compromises US agency via Cisco exploit
[CRITICAL] Governments on high alert after CISA snuffs out Firestarter backdoor on fed network
[MEDIUM] AI-driven cloud attacks reach ‘functional’ maturity, says Unit 42
[MEDIUM] UK warns of Chinese hackers using proxy networks to evade detection
[HIGH] Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure
[CRITICAL] New Mirai campaign exploits RCE flaw in EoL D-Link routers
[CRITICAL] Several flaws found in serial-to-IP converters used in critical sectors
[CRITICAL] Another Cisco Catalyst SD-WAN Manager bug added to CISA list
[CRITICAL] SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
[HIGH] SystemBC botnet linked to Gentlemen ransomware attacks
[HIGH] Payouts King ransomware abuses QEMU for hidden VMs and backdoors
[HIGH] Vercel’s security breach started with malware disguised as Roblox cheats
[MEDIUM] Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox
[HIGH] Containing a domain compromise: How predictive shielding shut down lateral movement
[HIGH] Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
[HIGH] KelpDAO suffers $290 million heist tied to Lazarus hackers
[HIGH] ZionSiphon Malware Targets Water Infrastructure Systems
[HIGH] Microsoft: Teams increasingly abused in helpdesk impersonation attacks
[HIGH] Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
[HIGH] Containing a domain compromise: How predictive shielding shut down lateral movement
[HIGH] World Leaks: RDP Access Leads to Custom Exfiltration and Personalized Extortion
[CRITICAL] Why the Stryker Attack Still Matters. And Five Steps You Can Take Today
[HIGH] New AgingFly malware used in attacks on Ukraine govt, hospitals
[HIGH] Kerberoasting detection gaps in mixed-encryption environments and why 0x17 filtering alone isn't enough
[CRITICAL] GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs
[HIGH] Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
[CRITICAL] UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
[HIGH] Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
[HIGH] Iran‑linked PLC attacks cause real‑world disruption at critical US infra sites
[HIGH] Iran‑Backed Threat Actors Hit US CNI Providers via Internet‑Facing OT Assets
[CRITICAL] Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
[HIGH] US warns of Iranian hackers targeting critical infrastructure
[CRITICAL] Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
[CRITICAL] Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
[HIGH] Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
[HIGH] Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
[HIGH] Using undocumented AWS CodeBuild endpoints to extract privileged tokens from AWS CodeConnections allowing lateral movement and privilege escalation through an organisation's codebase
[MEDIUM] [Video] The TTP Ep 21: When Attackers Become Trusted Users
[CRITICAL] Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
[MEDIUM] Sophisticated CrystalX RAT Emerges
[MEDIUM] AI recruiting biz Mercor says it was 'one of thousands' hit in LiteLLM supply-chain attack
[CRITICAL] Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069
[HIGH] PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough.
[HIGH] TeamPCP Explores Ways to Exploit Stolen Supply Chain Secrets
[MEDIUM] Ransomware in 2025: Blending in is the strategy
[HIGH] New RoadK1ll WebSocket implant used to pivot on breached networks
[MEDIUM] LangDrained: Path traversal, SQL injection, and Deserialization of untrusted data in LangChain
[CRITICAL] Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
[HIGH] Chinese Hackers Caught Deep Within Telecom Backbone Infrastructure
[MEDIUM] New Whitepaper: Exploiting Cellular-based IoT Devices
[HIGH] Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
[MEDIUM] How the Huntress SOC Stopped a VPN-Based Ransomware Attack
[HIGH] ‘CanisterWorm’ Springs Wiper Attack Targeting Iran
[HIGH] FBI warns of Handala hackers using Telegram in malware attacks
[HIGH] CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran
[HIGH] Feds disrupt monster IoT botnets behind record-breaking DDoS attacks
[HIGH] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
[HIGH] From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow
[HIGH] CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization
[MEDIUM] LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
[HIGH] Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
[HIGH] China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
[HIGH] Telus Digital hit with massive data breach
[CRITICAL] Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays
[HIGH] The Future of Supply Chain Backdoor Detections
[HIGH] New ‘BlackSanta’ EDR killer spotted targeting HR departments
[HIGH] ClickFix attackers using new tactic to evade detection, says Microsoft
[HIGH] hackers now steal your data in 72 minutes
[HIGH] Surge in Attacks on Surveillance Cameras Linked to Iranian Hackers
[INFO] The FBI Is Using AI to Hack Targets