mitre-ta0008
136 articles with this tag
MEDIUM | The Hackers Behind Shai-Hulud: Lucky or Skilled?
HIGH | From Cookies to Keys: The Threat of Session Hijacking
HIGH | New Linux malware 'Showboat' targets Middle East telecom provider
HIGH | Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
HIGH | GitHub Actions Cache Poisoning is eating open source
HIGH | Chinese hackers target telcos with new Linux, Windows malware
HIGH | Hackers bypass SonicWall VPN MFA due to incomplete patching
HIGH | Microsoft Self-Service Password Reset abused in Azure data theft attacks
HIGH | How Storm-2949 turned a compromised identity into a cloud-wide breach
MEDIUM | A 6-step guide for responding to the Foxconn ransomware/supply chain incident
MEDIUM | From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
HIGH | How Storm-2949 turned a compromised identity into a cloud-wide breach
HIGH | The Canvas breach proved that prevention is no longer enough
MEDIUM | Kazuar: Anatomy of a nation-state botnet
HIGH | North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
CRITICAL | When IT Support Calls: Dissecting a ModeloRAT Campaign from Teams to Domain Compromise
HIGH | AI Agents Generate Custom Hacking Tools on the Fly
MEDIUM | New GhostLock tool abuses Windows API to block file access
HIGH | New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
INFO | South Staffordshire Water Fined £1m After Data Breach
MEDIUM | Worm rubs out competitor's malware, then takes control
CRITICAL | ‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
MEDIUM | Lateral Movement - Cross-Session Activation
CRITICAL | Critical cPanel Vulnerability Weaponized to Target Government and MSP Networks
CRITICAL | Critical Gemini CLI Flaw Enabled Host Code Execution, Supply Chain Attacks
MEDIUM | Vidar Rises to Top of Chaotic Infostealer Market
CRITICAL | CI/CD pipeline abuse: the problem no one is watching
CRITICAL | 89 vulnerabilities in XAPI / Citrix XenServer
CRITICAL | PhantomCore Exploits TrueConf Vulnerabilities to Breach Russian Networks
HIGH | Threat actor uses Microsoft Teams to deploy new “Snow” malware
HIGH | UNC6692 impersonates help desk employees to drop SNOW malware via Teams
CRITICAL | LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
MEDIUM | UK warns of Chinese hackers using proxy networks to evade detection
HIGH | 'Zealot' Shows What AI's Capable of in Staged Cloud Attack
HIGH | Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure
CRITICAL | New Mirai campaign exploits RCE flaw in EoL D-Link routers
MEDIUM | MacOS Native Tools Enable Stealthy Enterprise Attacks
CRITICAL | SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation
HIGH | SystemBC botnet linked to Gentlemen ransomware attacks
MEDIUM | Bad Apples: Weaponizing native macOS primitives for movement and execution
HIGH | Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
HIGH | Vercel confirms Context.ai-linked breach exposed customer environment variables; ShinyHunters lists $2M sale on BreachForums
HIGH | Payouts King ransomware abuses QEMU for hidden VMs and backdoors
HIGH | Containing a domain compromise: How predictive shielding shut down lateral movement
HIGH | Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
HIGH | KelpDAO suffers $290 million heist tied to Lazarus hackers
HIGH | ZionSiphon Malware Targets Water Infrastructure Systems
HIGH | Microsoft: Teams increasingly abused in helpdesk impersonation attacks
HIGH | Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
HIGH | Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook
HIGH | Containing a domain compromise: How predictive shielding shut down lateral movement
HIGH | “Your shipment has arrived” email hides remote access software
HIGH | World Leaks: RDP Access Leads to Custom Exfiltration and Personalized Extortion
HIGH | New AgingFly malware used in attacks on Ukraine govt, hospitals
HIGH | Kerberoasting detection gaps in mixed-encryption environments and why 0x17 filtering alone isn't enough
HIGH | Black Basta’s playbook lives on as former affiliates launch fast-scale intrusion campaign
HIGH | China-linked cloud credential heist runs on typos and SMTP
HIGH | Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
HIGH | Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
HIGH | Iran‑Backed Threat Actors Hit US CNI Providers via Internet‑Facing OT Assets
CRITICAL | Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
HIGH | Iran cyber actors disrupting US water, energy facilities, FBI warns
CRITICAL | TrueConf Zero-Day Attack
HIGH | US warns of Iranian hackers targeting critical infrastructure
CRITICAL | Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn
CRITICAL | Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
MEDIUM | Microsoft Speech - Lateral Movement
HIGH | Microsoft says Medusa-linked Storm-1175 is speeding ransomware attacks
HIGH | Storm-1175 Exploits Flaws in High-Velocity Medusa Attacks
HIGH | Understanding Current Threats to Kubernetes Environments
HIGH | Using undocumented AWS CodeBuild endpoints to extract privileged tokens from AWS CodeConnections allowing lateral movement and privilege escalation through an organisation's codebase
MEDIUM | [Video] The TTP Ep 21: When Attackers Become Trusted Users
HIGH | PSA: That 'Disable NTLMv1' GPO you set years ago? It’s lying to you. LmCompatibilityLevel set to 5 is not enough.
MEDIUM | Ransomware in 2025: Blending in is the strategy
HIGH | Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise
HIGH | New RoadK1ll WebSocket implant used to pivot on breached networks
HIGH | Iran-Linked Pay2Key Ransomware Group Re-Emerges
MEDIUM | From Vectors to Verdicts: Web App Testing with Vector Command
MEDIUM | New Whitepaper: Exploiting Cellular-based IoT Devices
CRITICAL | TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 Likely via Trivy CI/CD Compromise
HIGH | Tax Search Ads Deliver ScreenConnect Malware Using Huawei Driver to Disable EDR
MEDIUM | How the Huntress SOC Stopped a VPN-Based Ransomware Attack
HIGH | How a Tax Search Leads to Kernel-Mode AV/EDR Kill
HIGH | ‘CanisterWorm’ Springs Wiper Attack Targeting Iran
HIGH | We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them
HIGH | CanisterWorm Gets Teeth: TeamPCP's Kubernetes Wiper Targets Iran
MEDIUM | LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks
HIGH | Rapid7 Guidance on Observed Microsoft Teams Phishing Campaigns
HIGH | China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation
HIGH | [NEW] [medium] Flowise: Vulnerability allows manipulation of files
CRITICAL | FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials
MEDIUM | Trust no one: are one-way trusts really one way?
HIGH | Chinese Cyber Threat Lurks In Critical Asian Sectors for Years
CRITICAL | Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
HIGH | hackers now steal your data in 72 minutes
INFO | The FBI Is Using AI to Hack Targets
HIGH | CyberStrikeAI tool adopted by hackers for AI-powered attacks
HIGH | APT37 hackers use new malware to breach air-gapped networks
CRITICAL | ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
HIGH | Attackers Now Need Just 29 Minutes to Own a Network