mitre-ta0006
200 articles with this tag
HIGH
MEDIUM
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
MEDIUM
CRITICAL
HIGH
INFO
CRITICAL
CRITICAL
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
CRITICAL
CRITICAL
HIGH
MEDIUM
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
CRITICAL
HIGH
Security experts caution MFA alone can no longer stop threat actors
One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
[local] Windows Snipping Tool - NTLMv2 Hash Hijack
Over 70% of organizations hit by identity breaches
1 in 8 employees have sold company logins or know someone who has
Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise
"AccountDumpling": Hunting Down the Google-Sent Phishing Wave Compromising 30,000+ Facebook Accounts
Email threat landscape: Q1 2026 trends and insights
Cybercrime Groups Using Vishing and SSO Abuse in Rapid SaaS Extortion Attacks
Microsoft: QR code, CAPTCHA-gated phishing more than double in Q1 2026
Federal charges filed against teen hacker allegedly part of Scattered Spider
Email threat landscape: Q1 2026 trends and insights
New Windows flaw stems from incomplete fix for APT28-exploited bugs
Cursor Extension Flaw Exposes Developer API Keys
Experts: Amplification of opportunistic cyberattacks central to Iran's strategy
BlackFile hackers target retail, hospitality with vishing and data extortion
BlackFile actively extorting data-theft victims in retail and hospitality sector
UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware
Scattered Spider co-conspirator pleads guilty
Over $12M stolen in North Korean crypto heist against web developers
Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety
macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets
Tycoon 2FA relinquishes crown to similar PhaaS platforms
British Scattered Spider Hacker Pleads Guilty in the US
Scot becomes second Scattered Spider-linked crook to plead guilty in US
FBI takedown of W3LL phishing service leads to developer arrest
The silent “Storm”: New infostealer hijacks sessions, decrypts server-side
Critical Marimo pre-auth RCE flaw now under active exploitation
Microsoft: Canadian employees targeted in payroll pirate attacks
New VENOM phishing attacks steal senior executives' Microsoft logins
Russian hacking group targets home and small office routers to spy on users
The Trojan horse of cybercrime: Weaponizing SaaS notification pipelines
Detecting CI/CD Supply Chain Attacks with Canary Credentials
New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
Venom Stealer Raises Stakes With Continuous Credential Harvesting
Cybercriminals Exploit Tax Season With New Phishing Tactics
Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign
Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
AI Speeds Attacks, But Identity Remains Cybersecurity’s Weakest Link
Silver Fox Cyber Campaigns Show Shift Toward Dual Espionage
“Mirax Bot” Android Malware Enables Remote Banking Fraud
Lightning-fast exploits make it essential to patch fast, ask questions later
CISA urges IT to harden endpoint management systems after cyberattack by pro-Iranian group
When tax season becomes cyberattack season: Phishing and malware campaigns using tax-related lures
Threat Actor Targeting VPN Users in New Credential Theft Campaign
Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials
Accertify’s Attack State targets credential stuffing and ATO attacks
Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft
Undetected Discord Malware
Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
Ransomware activity peaks outside business hours
Malicious StripeApi NuGet Package Mimicked Official Library and Stole API Tokens
[NEU] [kritisch] Cisco Catalyst SD-WAN Manager und SD-WAN Controller: Mehrere Schwachstellen
Steaelite RAT combines data theft and ransomware management capability in one tool
Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon
600+ FortiGate Devices Hacked by AI-Armed Amateur
Shai-Hulud-Like Worm Targets Developers via npm and AI Tools
Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls
Malicious Chrome extension targeting Apple App Store Connect developers through fake ASO service - full analysis
Arkanix Stealer pops up as short-lived AI info-stealer experiment
AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries
‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA
AI-augmented threat actor accesses FortiGate devices at scale
Ex-Google engineers charged with orchestrating high-tech secrets extraction
Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets
Ukrainian gets 5 years for helping North Koreans infiltrate US firms
New phishing campaign tricks employees into bypassing Microsoft 365 MFA
Flaw in Grandstream VoIP phones allows stealthy eavesdropping
Jinan USR IOT Technology Limited (PUSR) USR-W610
“ZeroDayRAT” Emergence Signals Advanced Mobile Spyware Threats
Industrial-Scale Fake Coretax Apps Drive $2m Fraud in Indonesia
How infostealers turn stolen credentials into real identities
Data on 1.2 million French bank accounts accessed in registry breach
“ZeroDayRAT” Emergence Signals Advanced Mobile Spyware Threats
Nigerian man gets eight years in prison for hacking tax firms
Hackers target Microsoft Entra accounts in device code vishing attacks
Starkiller: New ‘Commercial-Grade’ Phishing Kit Bypasses MFA
Arkanix Stealer: a C++ & Python infostealer
Fake IPTV Apps Spread Massiv Android Malware Targeting Mobile Banking Users
New 'Massiv' Android banking malware poses as an IPTV app
CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware
Nigerian man sentenced to 8 years in prison for running phony tax refund scheme
CRESCENTHARVEST: Iranian protestors and dissidents targeted in cyberespionage campaign
Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration
Job scam uses fake Google Forms site to harvest Google logins
ZeroDayRAT spyware targets Android and iOS devices via commercial toolkit
Side-Channel Attacks Against LLMs
Poland arrests suspect linked to Phobos ransomware operation
Unit 42: Nearly two-thirds of breaches now start with identity abuse
Infostealer Targets OpenClaw to Loot Victim’s Digital Life
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
Operation DoppelBrand: Weaponizing Fortune 500 Brands
Infostealer malware found stealing OpenClaw secrets for first time
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft