mitre-t1133
223 articles with this tag
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
HIGH
CRITICAL
MEDIUM
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
MEDIUM
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
MEDIUM
CRITICAL
HIGH
HIGH
HIGH
INFO
HIGH
CRITICAL
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
HIGH
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Russian hackers exploit WinRAR vulnerability for data theft
AI-built ransomware toolkit automates EDR evasion, AD discovery
Meta AI Hands Over High-Profile Instagram Accounts to Hackers
Sophos uncovers AI-powered malware lab built for EDR evasion
Miasma supply chain attack: malicious code found in @redhat-cloud-services npm packages
Dozens of Red Hat packages backdoored through its offical NPM channel
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
A week after Dutch FIOD seized 800+ servers, the hosting network's ASN (AS209847) is still scanning at its normal daily rate
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
Supply Chain Compromises Impact Nx Console and GitHub Repositories
BTMOB RAT Spreads Across Brazil, LatAm via MaaS Model
Download pumping: New npm deception technique for supply chain attacks
JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware
CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain
GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure
GlassWorm Botnet Disrupted
‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems
FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites
Feeding Frenzy: 'Megalodon' Malware Infects Thousands of GitHub Repos
The Hackers Behind Shai-Hulud: Lucky or Skilled?
From Cookies to Keys: The Threat of Session Hijacking
Zero-day vulnerability in Japanese LMS exploited to deploy Cobalt Strike
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
Over 5,500 GitHub Repositories Infected in ‘Megalodon’ Supply Chain Attack
TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
Megalodon GitHub Attack Targets 5,561 Repos with Malicious CI/CD Workflows
Alleged leader of Kimwolf, a sweeping botnet for cybercriminals, arrested in Canada
GitHub Actions Cache Poisoning is eating open source
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
Chinese hackers target telcos with new Linux, Windows malware
Grafana Labs Says Code Breach Stemmed from TanStack Attack
Webworm: New burrowing techniques
Webworm APT targets European government organizations with new backdoors
GitHub Confirms Hack Impacting 3,800 Internal Repositories
Microsoft Self-Service Password Reset abused in Azure data theft attacks
Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS
New Shai-Hulud malware wave compromises 600 npm packages
From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat
Grafana Labs Confirms Hackers Stole Source Code
Mini Shai-Hulud Hits AntV: 300+ Malicious npm Packages Published via Compromised Maintainer Account
How Storm-2949 turned a compromised identity into a cloud-wide breach
Malaysian government-linked campaign used hidden infrastructure for years
FIFA World Cup scams target fans and businesses
TanStack weighs invitation-only pull requests after supply chain attack
TanStack Supply Chain Attack (And How to Lock Down GitHub Actions)
201 arrested in INTERPOL disruption of phishing and fraud networks
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
North Korean Hackers Now Using AI? Kaspersky Warns of New Threat Targeting South Korean Govt Systems
NCSC-2026-0160 [1.00] [M/H] Kwetsbaarheden verholpen in Ivanti Endpoint Manager
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Critical Quest KACE SMA flaw exploited after 10 months
Operation SilentCanvas: Attackers use .jpeg files to deliver malware
GemStuffer Abuses 150+ RubyGems to Exfiltrate Scraped U.K. Council Portal Data
Defending consumer web properties against modern DDoS attacks
Threat actor Mr_Rot13 exploits critical cPanel flaw to deploy Filemanager backdoor
Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Network Pivots
Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
South Staffordshire Water Fined £1m After Data Breach
TanStack Npm Packages Compromised Inside The Mini Shai Hulud Supply Chain Attack
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
New PamDOORa Linux backdoor sold on cybercrime forum
Worm rubs out competitor's malware, then takes control
NCSC-2026-0136 [1.00] [M/H] Kwetsbaarheden verholpen in Cisco Unity Connection
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
ScarCruft hackers push BirdCall Android malware via game platform
Small Defense Firms Lack Network Data to Stop Nation-State Hackers, Analyst Says
Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities
RMM Tools Fuel Stealthy Phishing Campaign
The fake IT worker problem CISOs can’t ignore
New software supply chain attack uses sleeper packages for credential theft and CI tampering
That AI Extension Helping You Write Emails? It’s Reading Them First
EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades
SAP npm package attack highlights risks in developer tools and CI/CD pipelines
Novel multi-stage malware campaign stealthily targets Pakistan
Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Iranian Cyber Group Handala Targets US Troops in Bahrain
More fake extensions linked to GlassWorm found in Open VSX code marketplace
CI/CD pipeline abuse: the problem no one is watching
89 vulnerabilities in XAPI / Citrix XenServer
Checkmarx confirms LAPSUS$ hackers leaked its stolen GitHub data
Dozens of Open VSX Extension Clones Linked to GlassWorm Malware
GlassWorm attackers activate new ‘sleeper’ extensions on Open VSX
LMDeploy vulnerability exploited, highlighting AI infrastructure risks
Tropic Trooper targets Chinese speakers with SumatraPDF trojan and VS Code tunnels
Threat actor uses Microsoft Teams to deploy new “Snow” malware
The npm Threat Landscape: Attack Surface and Mitigations
Backdoor FIRESTARTER: CISA aggiorna la direttiva dopo violazione federale
New Cisco firewall malware can only be killed by pulling the plug
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain ...
Namastex npm packages compromised in ‘CanisterWorm’ supply chain attack
UK warns of Chinese hackers using proxy networks to evade detection
AI-driven attacks target governments, cloud agents, supply chains