mitre-t1133
202 articles with this tag
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
INFO
HIGH
CRITICAL
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
CRITICAL
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
INFO
HIGH
HIGH
HIGH
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
The Hackers Behind Shai-Hulud: Lucky or Skilled?
From Cookies to Keys: The Threat of Session Hijacking
Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
GitHub Actions Cache Poisoning is eating open source
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
Chinese hackers target telcos with new Linux, Windows malware
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Webworm: New burrowing techniques
Webworm APT targets European government organizations with new backdoors
GitHub Confirms Hack Impacting 3,800 Internal Repositories
Microsoft Self-Service Password Reset abused in Azure data theft attacks
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
New Shai-Hulud malware wave compromises 600 npm packages
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
Grafana Labs Confirms Hackers Stole Source Code
Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
How Storm-2949 turned a compromised identity into a cloud-wide breach
Malaysian government-linked campaign used hidden infrastructure for years
FIFA World Cup scams target fans and businesses
TanStack weighs invitation-only pull requests after supply chain attack
TanStack Supply Chain Attack (And How to Lock Down GitHub Actions)
201 arrested in INTERPOL disruption of phishing and fraud networks
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
NCSC-2026-0160 [1.00] [M/H] Kwetsbaarheden verholpen in Ivanti Endpoint Manager
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Critical Quest KACE SMA flaw exploited after 10 months
Operation SilentCanvas: Attackers use .jpeg files to deliver malware
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Defending consumer web properties against modern DDoS attacks
Threat actor Mr_Rot13 exploits critical cPanel flaw to deploy Filemanager backdoor
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
South Staffordshire Water Fined £1m After Data Breach
TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
New PamDOORa Linux backdoor sold on cybercrime forum
Worm rubs out competitor's malware, then takes control
NCSC-2026-0136 [1.00] [M/H] Kwetsbaarheden verholpen in Cisco Unity Connection
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
ScarCruft hackers push BirdCall Android malware via game platform
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
RMM Tools Fuel Stealthy Phishing Campaign
The fake IT worker problem CISOs can’t ignore
New software supply chain attack uses sleeper packages for credential theft and CI tampering
That AI Extension Helping You Write Emails? It’s Reading Them First
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
SAP npm package attack highlights risks in developer tools and CI/CD pipelines
Novel multi-stage malware campaign stealthily targets Pakistan
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Iranian Cyber Group Handala Targets US Troops in Bahrain
More fake extensions linked to GlassWorm found in Open VSX code marketplace
CI/CD pipeline abuse: the problem no one is watching
89 vulnerabilities in XAPI / Citrix XenServer
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX
LMDeploy vulnerability exploited, highlighting AI infrastructure risks
Tropic Trooper targets Chinese speakers with SumatraPDF trojan and VS Code tunnels
Threat actor uses Microsoft Teams to deploy new “Snow” malware
The npm Threat Landscape: Attack Surface and Mitigations
Backdoor FIRESTARTER: CISA aggiorna la direttiva dopo violazione federale
New Cisco firewall malware can only be killed by pulling the plug
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
Namastex npm packages compromised in ‘CanisterWorm’ supply chain attack
UK warns of Chinese hackers using proxy networks to evade detection
AI-driven attacks target governments, cloud agents, supply chains
GopherWhisper APT group hides command and control traffic in Slack and Discord
Another npm supply chain worm is tearing through dev environments
MacOS Native Tools Enable Stealthy Enterprise Attacks
Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Bad Apples: Weaponizing native macOS primitives for movement and execution
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
North Korean Blamed for $290m KelpDAO Crypto Heist
Vercel confirms Context.ai-linked breach exposed customer environment variables; ShinyHunters lists $2M sale on BreachForums
SOHO router compromise leads to DNS hijacking and adversary-in-the-middle attacks
Containing a domain compromise: How predictive shielding shut down lateral movement
KelpDAO suffers $290 million heist tied to Lazarus hackers
Vercel’s security breach started with malware disguised as Roblox cheats
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
Why the Axios attack proves AI is mandatory for supply chain security
Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems
Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials
Containing a domain compromise: How predictive shielding shut down lateral movement
ZionSiphon Malware Targets ICS in Water Facilities
World Leaks: RDP Access Leads to Custom Exfiltration and Personalized Extortion
ZionSiphon malware designed to sabotage water treatment systems
When PUPs Grow Fangs: Dragon Boss Solutions' $10 Supply Chain Risk