mitre-ta0040
670 articles with this tag
HIGH
CRITICAL
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
MEDIUM
MEDIUM
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
MEDIUM
MEDIUM
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
MEDIUM
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
MEDIUM
INFO
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
Ukrainian national pleads guilty to role in Conti ransomware operation
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
Microsoft investigates breach of open-source projects after malware injection
Miasma Supply Chain Worm Burrows Into 73 Microsoft Repositories
New Veeam vulnerability exposes backup servers to RCE attacks
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Iran Signed a Ceasefire — Its Hackers Didn't
Ransomware sends Illinois high school on an early summer vacation
Pro-Russian hacker group launches 'Patriotic Online Games' campaign targeting European organizations
IronWorm and New Miasma Worm Variant Hit npm in Supply Chain Attacks
HTTP/2’s speed abused to slow webserver performance in DoS attack
Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets
Supply Chain Attack Hits 32 Red Hat NPM Packages
Shai-Hulud malware worms Red Hat npm package versions downloaded 80K times a week
Poisoning Claude Code: One GitHub Issue to Break the Supply Chain
Containers on fire: from container escapes to supply chain attacks
The Gentlemen are coming for your files, and then your network
Mass database extortion causes significant damage despite low payment rates
WantToCry ransomware remotely encrypts files
CrowdStrike, Google Take Down Glassworm Botnet
‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery Systems
When ransomware shutters the ER, cyber resilience can help teams mitigate the damage
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
Typosquatting Is No Longer a User Problem. It's a Supply Chain Problem
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
The AntV Supply Chain Campaign Expands: Microsoft's `durabletask` PyPI Package Compromised
GitHub Actions workflow compromised to steal CI/CD credentials
Spotify outage caused by DDoS attack claimed by hacking group
First Shai-Hulud Worm Clones Emerge
American Lending Center data breach impacts over 123,000 individuals
Major tech manufacturer Foxconn confirms cyberattack hit North American factories
West Pharmaceutical says hackers stole data, encrypted systems
RubyGems pauses new account sign-ups amid major malicious attack
West Pharmaceutical Services hit by ransomware attack
Foxconn confirms cyberattack claimed by Nitrogen ransomware gang
Foxconn confirms cyberattack after ransomware crew claims it stole confidential Apple, Nvidia files
Defending consumer web properties against modern DDoS attacks
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
Cache-poisoning caper turns TanStack npm packages toxic
TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
Stolen Canvas data was “returned” after hacker agreement, Instructure says
JDownloader website compromised to distribute malicious installers
New GhostLock tool abuses Windows API to block file access
Official CheckMarx Jenkins package compromised with infostealer
Checkmarx tackles another TeamPCP intrusion as Jenkins plugin sabotaged
Former govt contractor convicted for wiping dozens of federal databases
The Canvas Hack Is a New Kind of Ransomware Debacle
Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)
Critrical cPanel flaw mass-exploited in "Sorry" ransomware attacks
Supply chain attack against SAP npm packages facilitates credential theft
Illicit AI-assisted commit-linked npm dependency compromises crypto wallets
Two US Security Experts Sentenced to Prison for Helping Ransomware Gang
Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks
The Vercel Breach: OAuth Supply Chain Attack Exposes the Hidden Risk in Platform Environment Variables
US ransomware negotiators get 4 years in prison over BlackCat attacks
Former incident responders sentenced to 4 years in prison for committing ransomware attacks
TeamPCP-linked VECT 2.0 ransomware unintentionally destroys files larger than 128 KB
Broken VECT 2.0 ransomware acts as a data wiper for large files
Don't pay Vect a ransom - your data's likely already wiped out
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
VECT: Ransomware by design, Wiper by accident
Cisco ASA and FTD Firewall RCE
ShinyHunters Claims Sale of Anthropic Claude Mythos AI Model Data and Internal Documents
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet
In a first, a ransomware family is confirmed to be quantum-safe
Bitwarden CLI npm package compromised to steal developer credentials
Kyber ransomware targets Windows and ESXi with post-quantum encryption claims
Checkmarx Docker Hub repository compromised with malicious images
New npm supply-chain attack self-spreads to steal auth tokens
New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention
Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack
Former DigitalMint ransomware negotiator pleads guilty to extortion scheme
New Lotus data wiper used against Venezuelan energy, utility firms
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
Mastodon hit by DDoS attack, disrupting flagship server
Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023
Third US Security Expert Admits Helping Ransomware Gang
The Gentlemen Ransomware Expands With Rapid Affiliate Growth
Uptick in Bomgar RMM Exploitation
Prompt injection turned Google’s Antigravity file search into RCE
Bluesky Disrupted by Sophisticated DDoS Attack
Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking
The Gentlemen ransomware now uses SystemBC for bot-powered attacks
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
ZionSiphon malware designed to sabotage water treatment systems
Cookeville Medical Center Notifies Patients After July 2025 Ransomware Attack
Automotive Ransomware Attacks Double in a Year
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
Automotive data biz Autovista blames ransomware for service disruption
Axios npm Package Compromised
Zombie Microsoft bugs rise from the dead, pave way for crims and ransomware scum
Medusa Ransomware Attack
Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes
Healthcare IT solutions provider ChipSoft hit by ransomware attack
Shaky Ceasefire Unlikely to Stop Cyberattacks From Iran-Linked Hackers for Long
Iran-linked hackers disrupt operations at US critical infrastructure sites
Dutch healthcare software vendor goes dark after ransomware attack