mitre-t1078
559 articles with this tag
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
CRITICAL
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
HIGH
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
AI accelerates development of ransomware toolkit with EDR evasion capabilities
CISA warns of cyberattacks targeting fuel tank monitoring systems
Typosquatted npm packages used to steal cloud and CI/CD secrets
Global Stock Exchange Hit by Monthslong Email Campaign
Argamal: Malware hidden in hentai games
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign
SideCopy group targets Afghanistan's Ministry of Finance with Xeno RAT
Critical Kirki flaw exploited to hijack WordPress admin accounts
Why supply chain attacks work and what detection can actually do about it
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs
Russian spy agency says foreign spies turned officials' smartphones into surveillance devices
LABScon25 Replay | Gamaredon x Turla: Unveiling a 2025 Espionage Alliance Targeting Ukraine
Infected Red Hat npm packages expose developer credentials
Meta AI Hands Over High-Profile Instagram Accounts to Hackers
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
Malware hides in Steam comments to infect WordPress sites
Red Hat npm packages compromised to steal developer credentials
Dozens of Red Hat packages backdoored through its offical NPM channel
Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm
Russian hacker used AI to run fraud scheme on MAGA Telegram channel
PHANTOMPULSE: anatomy of a hijackable blockchain-C2 RAT
FSB Group Gamaredon Hides Worm in Windows Data Streams
Election threats are focused on campaign systems, not voting machines
A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate
Malicious npm packages abuse dependency confusion to profile developer environments
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
‘Claude Code install’ search result leads to ClickFix infostealer attack
[NEU] [hoch] Froxlor: Mehrere Schwachstellen
Typosquatted npm packages used to steal cloud and CI/CD secrets
Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects
Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
Supply Chain Compromises Impact Nx Console and GitHub Repositories
Hackers exploit FortiClient EMS flaw to push infostealer malware
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
MacGregor Voyage Data Recorder (VDR) G4e
GPU mining malware spreads via SEO poisoning, AI chatbots
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
[local] Realtek rtl819x - Local Privilege
LA Metro Cyberattack Linked to Iranian State-Sponsored Hackers
BTMOB: A stealthy RAT burrowing deep into Android devices
MuddyWater Uses DLL Side-Loading in Espionage Campaign Targeting 9 Countries
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
Security experts caution MFA alone can no longer stop threat actors
Laravel-Lang Packages Poisoned for Malware Delivery
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
Laravel Lang packages hijacked to deploy credential-stealing malware
Paved With Intent: ROADtools and Nation-State Tactics in the Cloud
Mini Shai-Hulud: Frequently asked questions about the TeamPCP npm and PyPI supply chain campaign
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
Grafana Labs Says Code Breach Stemmed from TanStack Attack
One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
GitHub links repo breach to TanStack npm supply-chain attack
How a Webmail Log File Became a Root-Level Backdoor
Ukraine identifies infostealer operator tied to 28,000 stolen accounts
New Mini Shai-Hulud attack targets npm ecosystem
Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft
Storm-2949 actor targets Microsoft 365 and Azure environments
Grafana breach caused by missed token rotation after TanStack attack
Webworm APT targets European government organizations with new backdoors
GitHub says internal repositories were taken in poisoned VS Code extension attack
SHub Reaper impersonates Apple, Google, and Microsoft in one MacOS attack chain
Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack
Tracking TamperedChef Clusters via Certificate and Code Reuse
AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks
Mini Shai-Hulud returns, compromising hundreds of npm packages
How Storm-2949 turned a compromised identity into a cloud-wide breach
New Shai-Hulud malware wave compromises 600 npm packages
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
New macOS infostealer impersonates Apple, Microsoft, and Google in a single attack chain
Grafana Labs Confirms Hackers Stole Source Code
Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
Mini Shai-Hulud Pushes Malicious AntV npm Packages via Compromised Maintainer Account
Malaysian government-linked campaign used hidden infrastructure for years
Shai-Hulud copycat worm infects yet another npm package
'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments
Shai-Hulud Worm Clones Spread After Code Release
Turla group evolves Kazuar backdoor into modular P2P botnet
4 vulnerabilities in OpenClaw AI agent put thousands of servers at risk
The Canvas breach proved that prevention is no longer enough
Kazuar: Anatomy of a nation-state botnet
201 arrested in INTERPOL disruption of phishing and fraud networks
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
Russian hackers turn Kazuar backdoor into modular P2P botnet
TeamPCP releases ‘vibe coded’ Shai-Hulud source code, issues challenge
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
[local] Windows Snipping Tool - NTLMv2 Hash Hijack
NCSC-2026-0162 [1.00] [M/H] Kwetsbaarheden verholpen in F5 BIG-IP en BIG-IQ producten
TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
OpenAI Hit by TanStack Supply Chain Attack
OpenAI caught in TanStack npm supply chain chaos after employee devices compromised
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
dMSA Ouroboros: Self-Sustaining Credential Extraction in Windows Server 2025
OpenAI confirms security breach in TanStack supply chain attack
When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps
Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign