mitre-ta0001
6024 articles with this tag
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
MEDIUM
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
HIGH
LOW
HIGH
CRITICAL
HIGH
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
GPU mining malware spreads via SEO poisoning, AI chatbots
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Ransomware Actors Show Up In Person to Steal Law Firm Data
AI chatbot recommendations lure users to cryptojacking malware sites
USN-8326-1: Foomuuri vulnerabilities
CrowdStrike, Google shatter Glassworm botnet
USN-8322-1: Apache Commons BeanUtils vulnerability
USN-8324-1: Apache Tika vulnerabilities
USN-8325-1: tgt vulnerability
BTMOB Android RAT poses significant threat with easy-to-use builder
How attackers engineer BECs against specific organizations
Latin American Cybercriminals Hoover Up Government Data
FBI: Get to know your IT guy – extortion crews are visiting law firms pretending to be tech support
Malicious npm Package Stole Files From Claude AI User Directory via GitHub
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault
Hackers are knocking on office doors pretending to be IT staff
FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework
Vulnerability in Popular Conference Software Granted Attackers a 100% Talk Acceptance Rate
MediaArea heap-based buffer overflow vulnerabilities
USN-8321-1: Papers vulnerability
Veikleikar í Drupal, Cisco, Ubiquity og LiteSpeed cPanel viðbót
CrowdStrike, Google Take Down Glassworm Botnet
[webapps] EspoCRM 9.3.3 - SSRF
[webapps] Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
Glassworm botnet disrupted after resilient C2 infrastructure takedown
[webapps] OpenCATS 0.9.7.4 - SQL Injection
[hardware] MeiG Smart FORGE_SLT711 - OS Command Injection
[webapps] scramble - Remote Code Execution
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
Mitigating CVE-2026-31431 (“Copy Fail”) in Docker Engine
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
Kali365 phishing kit bypasses MFA and steals Microsoft logins
Fake ChatGPT and Claude installers on GitHub are dropping Deno RAT malware
Romanian Hacker Sentenced to Prison in US for Selling Access to State Network
How to guarantee a speaker gig: Hack the system. Literally
FBI warns of in-person data theft attacks from extortion gang
[NEU] [mittel] Autodesk 3ds Max: Mehrere Schwachstellen
[NEU] [hoch] Linux Kernel: Mehrere Schwachstellen
[NEU] [mittel] Snipe-IT: Mehrere Schwachstellen
Thousands of Fake FIFA Domains Target World Cup Fans
Gitea Vulnerability Exposes Private Container Images without Authentication
[NEU] [hoch] Samba: Mehrere Schwachstellen
[NEU] [hoch] IBM License Metric Tool: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
[NEU] [mittel] Joomla: Mehrere Schwachstellen
[NEU] [hoch] ILIAS: Mehrere Schwachstellen
USN-8314-1: Ayttm vulnerabilities
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
GlassWorm Botnet Disrupted
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
USN-8313-1: XML-RPC for C and C++ vulnerabilities
[NEU] [hoch] Microsoft GitHub Enterprise: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
[NEU] [hoch] IBM WebSphere Application Server: Mehrere Schwachstellen
[NEU] [hoch] IBM HTTP Server: Mehrere Schwachstellen
Fake LinkedIn emails abuse Adobe to track victims
LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
Dutch police arrests suspect linked to Ajax football club hack
[NEU] [niedrig] IBM Tivoli Netcool/OMNIbus: Schwachstelle ermöglicht Offenlegung von Informationen
[NEU] [hoch] Notepad++: Mehrere Schwachstellen
[NEU] [hoch] 7-Zip: Schwachstelle ermöglicht Codeausführung
Fake Microsoft Teams download sites are being used to deliver ValleyRAT via DLL sideloading
RCE in Strix Agent(Sandbox): A practical guide to prompt injections with impact
FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
[UPDATE] [hoch] Apple macOS Sequoia, Sonoma und Tahoe: Mehrere Schwachstellen
[UPDATE] [hoch] Insyde UEFI Firmware: Schwachstelle ermöglicht Codeausführung
PureLogs Variant Steals Data via Purchase Order Lures
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
CVE-2026-8466 Unbounded buffer accumulation in multipart header parsing causes denial of service in cowboy
CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
BTMOB: A stealthy RAT burrowing deep into Android devices
Nginx Remote Code Execution Vulnerability
Fake AI tool websites used to steal developer data
Formula 1 fans targeted by evolving scams, Bitdefender warns
Iranian-backed hackers linked to Los Angeles transit system breach
ShinyHunters extorts Charter Communications after data breach
CVE-2026-45659 Microsoft SharePoint Remote Code Execution Vulnerability
From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities
Listening, Drupal, TTE, KEV, Mythos, Megalodon, Badanov, MFA, Pope Leo, Aaran Leyland - SWN #584
USN-8167-2: xdg-dbus-proxy vulnerability
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
KnowledgeDeliver flaw exploited as a zero-day to install web shells
USN-8307-1: ONNX vulnerability
USN-8310-1: Linux kernel (Azure) vulnerabilities
USN-8278-2: Linux kernel (Azure) vulnerabilities
USN-8305-2: Linux kernel (Low Latency) vulnerabilities
USN-8280-3: Linux kernel (IoT) vulnerabilities
Millions of AI agents imperiled by critical vulnerability in open source package
Drupal bug added to CISA list of known exploited vulnerabilities
The Hackers Behind Shai-Hulud: Lucky or Skilled?
Charter confirms data breach after ShinyHunters extortion threat
From Cookies to Keys: The Threat of Session Hijacking
CISA Adds One Known Exploited Vulnerability to Catalog
MyPillow must decide whether to be firm or soft as ransomware crims demand pay
Ghost CMS vulnerability exploited in large-scale campaign
North Korea's Lazarus Group uses new RemotePE malware against financial targets
Zero-click attack hijacks WhatsApp accounts on iOS 16
Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike
Critical vulnerability in Universal Robots' PolyScope OS allows remote command execution
CypherLoc scareware tricks millions into identity theft traps