mitre-t1566
944 articles with this tag
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
MEDIUM
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
CRITICAL
CRITICAL
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
Employees are unknowingly inviting tech support impersonators into firms, says FBI
FBI warns law firms of in-person data theft by Silent Ransom Group
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Ransomware Actors Show Up In Person to Steal Law Firm Data
AI chatbot recommendations lure users to cryptojacking malware sites
BTMOB Android RAT poses significant threat with easy-to-use builder
How attackers engineer BECs against specific organizations
Latin American Cybercriminals Hoover Up Government Data
FBI: Get to know your IT guy – extortion crews are visiting law firms pretending to be tech support
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault
Hackers are knocking on office doors pretending to be IT staff
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
Kali365 phishing kit bypasses MFA and steals Microsoft logins
FBI warns of in-person data theft attacks from extortion gang
Thousands of Fake FIFA Domains Target World Cup Fans
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
Fake LinkedIn emails abuse Adobe to track victims
FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
PureLogs Variant Steals Data via Purchase Order Lures
BTMOB: A stealthy RAT burrowing deep into Android devices
Fake AI tool websites used to steal developer data
Formula 1 fans targeted by evolving scams, Bitdefender warns
ShinyHunters extorts Charter Communications after data breach
Charter confirms data breach after ShinyHunters extortion threat
CypherLoc scareware tricks millions into identity theft traps
Detecting Tycoon 2FA AiTM attacks across Entra ID and Google Workspace
FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception
Chinese phishing gangs grow into a force to be reckoned with
BTMOB Android RAT Spreads Through No-Code Builder Tooling
Iranian APT Targets Aviation, Software Companies With Updated Tools
185,000 Likely Impacted by 7-Eleven Data Breach
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
700+ education and tech websites hijacked in huge ClickFix malware campaign
Scammers pretending to be Microsoft had help from US executives
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
Security experts caution MFA alone can no longer stop threat actors
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
Belarus-linked Ghostwriter group targets Ukraine using Prometheus learning platform lures
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
FBI warns of Kali Oauth stealers
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
Facebook scam targets users over 40 with fake Aldi meat box offers
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
Smishing Campaigns Scale Mobile Financial Theft Operations
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
Microsoft 365 users targeted by new phishing threat that bypasses MFA
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
Inside the RaaS Ecosystem: Operators, Affiliates & Attack Tradecraft | Huntress
Storm-2949 actor targets Microsoft 365 and Azure environments
The AiTM problem nobody's architecture actually solves
Poland directs officials to cease Signal use amid cyberattack concerns
QR Code Phishing Surges as Attackers Shift Toward Mobile Tactics
Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
Microsoft Self-Service Password Reset abused in Azure data theft attacks
AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks
In stunning display of stupid, secret CISA credentials found in public GitHub repo
How Storm-2949 turned a compromised identity into a cloud-wide breach
PureLogs infostealer is stealing credentials worldwide
Internet Explorer may be dead, but its ghost still runs malware
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks
The New Phishing Click: How OAuth Consent Bypasses MFA
Inside SHADOW-WATER-063’s Banana RAT: From Build Server to Banking Fraud
Hackers Bypass Security Tools to Target Users Directly
How Storm-2949 turned a compromised identity into a cloud-wide breach
Tycoon2FA phishing kit evolves with device-code attacks on Microsoft 365
FIFA World Cup scams target fans and businesses
Vara við fjársvikum þar sem talgervill talar íslensku
Hackers exploit calendar invites to hijack accounts using CalPhishing
7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand
201 arrested in INTERPOL disruption of phishing and fraud networks
Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
Hackers use PyInstaller to hide XWorm malware
The spy who logged me in.
ESET details new Ghostwriter activity targeting Ukrainian government
Welcome to BlackFile: Inside a Vishing Extortion Operation
Thieves unlock stolen iPhones using cheap tools sold on Telegram
Fake job interviews used to deploy JobStealer malware
Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data
Threat Actors Weaponize Tiflux RMMs in Malspam Attacks
How EvilTokens Turbocharges Old School Phishing with AI
'FrostyNeighbor' APT Carefully Targets Govt Orgs in Poland, Ukraine
CVE-2026-41615 Microsoft Authenticator Information Disclosure Vulnerability
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses
Axios breach shows why software supply chains need zero trust
KongTuke hackers now use Microsoft Teams for corporate breaches
Kimsuky targets organizations with PebbleDash-based tools
Your iPhone Gets Stolen. Then the Hacking Begins