Actor Aliases All 0ktapus 313 Team Adalat Ali Agent Serpens Alluring Pisces Androxgh0st APT-C-06 APT33 APT35 APT36 APT38 APT42 Arabian Ghosts ATTACKER1 Autumn Breeze Pte. Ltd bananasquadru Black Alicanto BlackCat BlueBravo BO Team Br0k3r xplfinder CageyChameleon CALANQUE Callisto Group Charming Kitten CharmingCypress Chinese APT group CitrixBleed CitrixBleed 2 CITYLIGHT MEDIA PRIVATE LIMITED CL-CRI-1014 CL-STA-0240 Cleta Mitchell ClickfixorfakeCAPTCHA Cloaked Ursa Cobalt Illusion Conor Fitzpatrick Copernicium Cozy Bear CozyDuke CozyLarch Cyber Av3ngers Cyber Fattah cyber scum CyberAv3ngers cybercriminals Dalbit DeceptiveDevelopment Depressed DEV#POPPER DieNet Diogo Santos Coelho Earth Estries Earth Simnavaz Earth Vetala Educated Manticore Eleven11bot Faketivist Famous Chollima Feeling Blue Flax Typhoon ForumTroll Fox Kitten FraudGPT GIFTEDCROOK Godfather Gold Feather Gonjeshke Darande Gonjeske Darande Graphite GreenCharlie Gwisin Gang hacker hackers Haowang Guarantee Helix Kitten HIUPAN Hollow ICECAP Inc Ransomware Indra Inferno Drainer Intelbroker IntelBroker ITG18 Kai Logan West Kai West Kyle Northern LapDogs Lazarus Lemon Sandstorm Lighthouse Magic Hound Megafon MERCURY MeteorExpress MGTS Midnight Blizzard Midnight Hammer Mint Sandstorm Mint Sandstorm (formerly Phosphorus) Mirai-variant botnet MISTCLOAK Miya Miyako MTS Muddled Libra MuddyWater Mule as a Service MYTHIC LEOPARD Newscaster Nickel Gladstone Nobelium NobleBaron Noct NoName057(16) Noroff Octo Tempest OilRig Oktapus Parisite People’s Liberation Army Phosphorus Pink Sandstorm Pioneer Kitten Play ransomware PolarEdge pompompurin Pompompurin PRC Predatory Sparrow pro-Iranian hacktivists ProjectM Prometei Pseudo Hunter PurpleHaze Rabotnik Rostelecom RUBIDIUM Russian cybercriminal group Salt Typhoon Sapphire Sleet Scatter Swine Seedworm Serpens ShinyCorp ShinyHunters ShortLeash SideCopy Skynet Snake Keylogger SnakeStealer Sodin Sodinokibi SparkCat SparkKitty Sphinx Star Fraud Stardust Chollima Starfraud 
Static Kitten Sylhet Gang TA444 TA453 Team 313 Team Fearless Team46 TEMP.Zagros Tenacious Pungsan The Boys The Com The Com (aka Comm) The Dukes tinker TraderTraitor Trinper Tudou Guarantee Two pro-Palestinian hacking groups Typhoons U2DiskWatch UAC-0001 UAT-5918 UNC3944 UNC5342 UNC6293 UNC757 UNC788 Vanilla Tempest Vimpelcom Void Arachne Void Dokkaebi Volt Typhoon Water Galura WordPress Core WormGPT Xinbi Guarantee Yellow Garuda ZeroDayX
Exploit Method All 2FA Relay Attacks Abuse of Active Directory Certificate Services Abuse of Azure Service Principal Identities for Privilege Escalation Access to Historic Data on Legacy Systems Access to Legacy Systems Account Takeover Account Takeover and Crypto Burning ACR Data Misuse Active Directory Reconnaissance Active Directory Reconnaissance Post-Exploitation Active Exploitation Adjacent Network Root Command Execution via Port 16668 Age Verification Bypass using VPNs AgentSmith AI Agent Vulnerability AI Agent Deception and Threat AI Governance Failures Due to Lack of Organizational Change Management (OCM) AI Jailbreaks AI Model Poisoning AI-accelerated exploits AI-Driven Attack Surface Expansion AI-Driven Autonomous Exploitation AI-Enabled Phishing and Impersonation Scams AI-Fabricated Software Component Injection AI-powered Deepfake Financial Scams AI-Powered Vulnerability Exploitation AiTM (Adversary-in-The-Middle) Phishing Alert Fatigue and Brittle Automation Logic Alternate Data Streams (ADS) Exploitation AMI MegaRAC BMC HTTP POST Request and Cloud Escalation and MFA fatigue and Multifactor Push Bombing Android Accessibility Services Abuse Anonymous Threat Reporting Vulnerability API Endpoint Discovery and Exploitation App_Object_Use-After-Free_Remote_Code_Execution App-Specific Password (ASP) Social Engineering App-Specific Password Abuse via Social Engineering Apple Enterprise Provisioning Profile Abuse AppleScript Malware Dropper Application Specific Password (ASP) Social Engineering APT28 Signal Malware Campaign APT42 Phishing Campaign Arbitrary File Upload Arbitrary File Upload to Privileged Directories Arbitrary Shell Command Execution Arbitrary User Password Change ARBITRARY_FILE_UPLOAD_ROOT_EXECUTION Attacks on Critical Infrastructure Attracting and Retaining Cybersecurity Talent in UK Public Sector Due to Low Salaries Authentication Bypass and Firmware Tampering Authorization Bypass via Hardlinks Authorized Push Payment (APP) scams AutoPwnKey 
- AV Evasion via Simulated User Interaction AWS Reconnaissance via Backup Service Enumeration AWS Session Token Hijacking Azure App Services Information Disclosure Azure Container Registry Name Prediction Backdoored LLMs Backdoored LLMs via Python Deserialization (Pickle Module) Backdoored Sakura-RAT Bad Shares Bank Sepah Disruption via Predatory Sparrow Bash History Manipulation Bias Amplification in AI Models Boot Disk Bypass Authentication Broadcast Interruption Broken Access Control Broken Object Level Authorization (BOLA) Browser Fingerprint Spoofing Browser Fingerprinting for Ad Tracking and Bypassing GDPR/CCPA Browser Password Theft Brute Force Attacks Brute force attacks targeting critical infrastructure Brute-force Brute-force Attacks Brute-Force Attacks Brute-forcing Administrator Passwords Brute-forcing Credentials Burnout Due to Lack of Work-Life Balance and Executive Support Business Email Compromise (BEC) Business Impersonation via SEO Poisoning and Fake Websites Business Logic Vulnerabilities BYOD Wi-Fi Network Exploitation Bypassing Digital Certificate Validation Bypassing Network Security Controls with Starlink Bypassing Safety Protections (Character Injections and Perturbations) Camera System Exploitation CAN Bus Injection Carding Centralized Multisig Compromise Certificate Expiration Leading to Service Outages Chaining CVE-2025-6018 and CVE-2025-6019 Chaining Vulnerabilities ChatGPT_Malware_Authoring Circumventing Security Camera Login Cisco ASA Firewall Vulnerability and Lateral Movement Cisco Vulnerability Exploitation by Salt Typhoon CitrixBleed CitrixBleed 2 Session Hijacking Clearing command history for obfuscation ClickFix ClickFix Attack ClickFix-style Social Engineering ClickOnce Abuse Client-Side Exploitation Client-Side Supply Chain Attack via Malicious Doodle Image Clipboard Hijacking by Atomic Stealer Clipboard Redirection Abuse Cloud Misconfigurations Leading to Data Exposure Cloud Resource Consumption Abuse Cloudflare Tunnel Abuse 
for Malware Delivery CoinMarketCap and Cointelegraph Phishing Pop-ups COM Hijacking for Persistence COM-hijacking Command and Control (C2) Operations Command Injection Communications Network Hijacking (El Al flights) Compromise of Public-Facing Portals Compromise of Unitronics Vision Series PLCs/HMIs Compromised Banner Publishing System Compromised Credentials Compromised Credentials on the Dark Web Compromised Device leading to Unauthorized Access at Viasat Compromised IoT Devices for Botnets Compromised Microsoft Accounts Compromised Non-Human Identities via Leaked Secrets Compromised Online Accounts Compromised Password Bypass with Passkeys Compromised Router and IoT Device as ORB Nodes Compromised Security Cameras for Espionage Compromised SOHO Devices in ORB Networks Compromised SOHO/IoT Devices as ORBs Compromised Zoom Extension for Malware Delivery Compromising Unpatched Devices Configuration File Extraction ConnectWise Context Poisoning Context Poisoning Attacks via MCPs Control Flow Flattening in JavaScript to deliver Remcos Copy-Paste of Generated Passwords Counterfeit Hardware Crafted API Request (CVE-2025-20281) Crafted API Request Privilege Escalation Credential Access Attempts Credential Harvesting Credential Harvesting via Spear-Phishing Credential Phishing Credential Phishing via Signal Credential Stuffing Credential Stuffing via Infostealer Malware Credential Stuffing/Reuse Credential Theft Credential Theft and Database Dump Credential Theft and Proxy Setup Credential Theft for Proxy Setup Crescendo Cross-Origin Iframe Information Disclosure Cross-Platform Keylogger Crowhammer attack on Falcon Cryptocurrency Exchange Compromise Cryptocurrency Investment Fraud and Money Laundering Custom Encryptor Deployment Custom Malware for Remote Control of Systems Custom Malware Targeting Fuel Management Systems (Gilbarco Veeder-Root) Custom Phishing Kits CVE-2025-6543 Exploitation Cyber Espionage Cyber Fattah SQL Dump Cyber Surveillance and Targeting of Civil 
Society Cyber-attacks of a very high degree of technical complexity Cyberattack Cyberattack on UK Retailers Cyberattack on UNFI D-Link DIR-859 Account Credential Theft D-Link DIR-859 Path Traversal for Account Dumping Dark Patterns Data Breach Data Breach Leading to Sensitive Data Exposure Data Breach of ID Verification Company Data Breach of Legacy Systems Data Breach via BreachForums Data Breach via Unspecified Vulnerability Data Breaches and Leaks Data Broker Non-Registration Data Deletion Attack Data Destruction at Bank Sepah Data Destruction/Burning of Crypto Assets Data Deviation/Hallucination/Unethical Actions Data Erasure and Service Disruption at Bank Sepah Data Exfiltration Data Exfiltration and Fund Burning via Vanity Addresses Data Exfiltration and Sale Data Exfiltration and Sale on Dark Web Marketplaces Data Exfiltration and System Sabotage Post-Compromise Data Exfiltration via Chinese-Owned VPNs Data Exfiltration via Telegram Channel Data Exfiltration via VPN Apps Data Exploitation via ACR Data Extraction for Surveillance Data Leakage via AI Applications Data Leakage via GenAI Prompts Data Leaks Data Poisoning Data Poisoning in Retrieval Augmented Generation (RAG) Data Theft and Sale Data Theft and Sale on BreachForums Data Theft from Cryptocurrency Exchange Data Theft via Clipboard Redirection Data Wiping (Built-in Wiper) DDoS DDoS Attack DDoS Attack on Orion Telecom DDoS attack on Truth Social DDoS Attack via Botnets DDoS Attacks Decrypt Later Deepfake Disinformation Deepfake Enabled Social Engineering Leading to Malware Installation Deepfake Spearphishing Deepfakes Default Admin Password Generation Default Password Generation Default Password Usage in Programmable Logic Controllers deleteAppFile Directory Traversal Arbitrary File Deletion Denial of Service via CVE-2025-6543 Denial-of-Service (DoS) via Network Overload Denial-of-Service Attacks via CVE-2025-6543 Dependency Confusion Dependency Confusion Attack Deserialization of Untrusted Data in 
ReadValue Method Deserialization of Untrusted Data via readObjectFromConfigFile Destructive Malware (Data Wipers) Device Join Phishing Digital Sextortion Directory Traversal Arbitrary File Deletion and Information Disclosure Directory Traversal Arbitrary File Deletion in deleteEventLogFile method Directory Traversal Arbitrary File Write Directory Traversal in compressDriverFiles Directory Traversal in compressFirmwareDumpFiles Directory Traversal Information Disclosure via getFileUploadSize method Directory Traversal via getAppFileBytes Directory Traversal via getDriverTmpPath Distributed Denial-of-Service (DDoS) and Defacement Distributed Denial-of-Service (DDoS) Attacks DLL Hijacking/Executable Injection via Insecure Search Paths DLL Side-Loading DLL Side-Loading via Shine.exe DNS Interception/Spoofing via Unencrypted DNS Queries DNS Query Interception on Public Networks DNS Tunneling Data Exfiltration DNS-based Attacks Domain Hijacking for SEO Poisoning DoppelPaymer Ransomware Attack Double Extortion DragonForce Ransomware and Data Exfiltration Early Bird APC Injection Eavesdropping and Call Initiation Echo Chamber Echo Chamber Attack Echo Reflection Electromagnetic Environment Vulnerability Email System Outage Leading to Unsecured Alternatives Enterprise Provisioning Profile Abuse (iOS App Distribution) Enterprise Provisioning Profile Abuse (iOS) ESI_Injection_Avalanche EternalBlue EvilConwi Authenticode Stuffing Excessive Agency Excessive Container Privileges Executable disguised as shortcut using .PIF Extension Exploitation of Default Settings and Outdated Software Exploitation of Expired Certificates Exploitation of known vulnerabilities Exploitation of Known Vulnerabilities for Initial Access Exploitation of Misconfigured Cloud Instances Exploitation of Older Software and Hardware in IoT Devices Exploitation of Open Ports Exploitation of Security Weaknesses Exploitation of Software Vulnerabilities (WinRAR) Exploitation of Unpatched Vulnerabilities 
Exploitation of Virtualized Environments for Lateral Movement and Persistence Exploitation of Vulnerabilities Exploitation of vulnerabilities for initial access Exploitation of Vulnerable Public Services Exploitation via SSHD process Exploited Attack Paths Exploiting AI with Sensitive Data Exploiting OT Devices Exploiting Poorly Secured Networks Exploiting Smaller Agencies as Toeholds Exploiting Vulnerable Applications Exposure of Secrets in Public Code Repositories Fake E-commerce Stores Fake Installer Distribution with Sideloading Fake Nginx Web Server and TLS Certificate Impersonation Fake Online Stores False Positive Exploitation False Positives Faulty Antivirus Update Causing System Crashes Faulty File Update (CrowdStrike) FileFix Financial Fraud and Computer Crimes by REvil Flodrix Botnet Delivery via Langflow CVE-2025-3248 Flodrix Botnet Delivery via Langflow Vulnerability Flodrix Botnet targeting Langflow servers FormBook Stealer Using Registry for Stealth FortiOS CLI Password Decryption via Hardcoded Key Fraudulent Websites (Information Stealing) getFileUploadBytes Directory Traversal GIF File Parsing Heap-based Buffer Overflow GitHub Abuse for Malware Hosting and Staging GitHub Code Obfuscation via Trailing Spaces GitPhish_OAuth_Device_Code_Phishing GodFather Android Trojan Virtualization Exploit GodFather Overlay Attack Godfather Trojan Sandbox Exploitation Google Sites Phishing GoogleFiber Router Settings Access Government Device Ban due to Security Concerns Granting Accessibility Permissions to Malicious Apps Graphite Spyware iMessage Zero-Click Exploit GRE Tunnel Configuration GRE Tunnel Configuration for Data Exfiltration GRE Tunnel Configuration for Traffic Collection GRE Tunnel Deployment Guest User Subscription Takeover Hack-and-Leak Operations Hardcoded Credential Login Harvest Now Hello Barbie Eavesdropping Help Desk Scams HexEval Loader and BeaverTail Stealer HID injection attacks (like USB Rubber Ducky) Hijacking Bluetooth connection and 
issuing commands HTTP Request Smuggling Identity Threats (Fraud) IKE Packet Exploitation for RCE via UDP Port 500 Image Exfiltration with OCR Improper Use of Mobile Devices Leading to Data Breaches Improperly Configured Server INC Ransom Exploitation Incompatible Refueling Systems Incorrect Folder Permission Exploit Indirect Prompt Injection Inferno Drainer Wallet Drain Information Gathering via HTTP Response Codes and Headers Infostealer Malware Infostealer Malware Deployment Infostealer-enabled credential harvesting Initial Access Broker (IAB) Exploiting Network Vulnerabilities Initial Access Brokering Insecure Firmware Update Mechanism Insecure Network Connection (Lack of VPN) Insecure Outputs Insider Access/Abuse Insider Threats via Access Mismanagement and Poor RBAC Hygiene IntelBroker Data Theft and Sales Intercepted SMS Messages/Email Links Internet Shutdown to Prevent 'Enemy Abuse' Internet-exposed Systems and Vulnerabilities Allowing Unauthenticated Remote Code Execution Internet-Facing Network Device Exploitation IOCONTROL Malware IOCONTROL malware targeting IoT/OT devices iOS Provisioning Profile Abuse Iranian Hacktivist Cyber Attacks on US Critical Infrastructure Jailbreaking Legitimate LLMs Jailbreaking LLMs Java Deserialization RCE JavaScript Keylogger Injection JavaScript Skimming JNDI Injection JP2_File_Parsing_Out_Of_Bounds_Write JWT Authentication Attack Kaleidoscope Adware 'Evil Twin' Kaseya Supply Chain Attack Kernel Driver Crash via Improperly Tested Update Kinetic Bombardment of Underground Facilities Lack of Cyber Hygiene Lack of GenAI Security Policies Lack of SME Cybersecurity Implementation Lack of transparency and data encryption in WhatsApp Lateral Movement Lateral Movement via Unscanned Server Legacy Authentication Protocol Exploitation Legacy Driver Exploitation Legacy Infrastructure Limiting GenAI Security Legacy Logins Linux Root Exploit via Chained PAM/libblockdev Vulns Living Off AI via Prompt Injection in Atlassian JSM Living Off 
the Land Living Off Trusted Sites (LOTS) LLM Jailbreaking LNK File Exploitation LNK_Parsing_Confusion Local File Keylogging with Web Access Long-Lived Tokens and Fragmented Access Controls Lumma Stealer via Malicious CAPTCHA Macro Enabled Documents Macro-Based Malware Delivery via Signal Macro-Enabled Phishing Malicious Advertisement Injection (Google Ads Manipulation) Malicious Advertising Malicious AI Models with Backdoors Malicious AppleScript Execution Malicious apps distributed via official App Stores Malicious Doodle Injection Malicious File Upload (CVE-2025-20282) Malicious Insider Behavior (Agentic Misalignment) Malicious Link Distribution Malicious Minecraft Mod Distribution Malicious Minecraft Mods Malicious Mobile Apps via Enterprise Certificates Malicious Package Distribution on Software Repositories Malicious Payload Execution for Initial Access Malicious USB Redirection Maliciously Crafted File Execution Malvertising (Malicious Tracker-Powered Ads) Malware Attacks via Drive and USB Redirection Malware Distribution Malware Wipers Malware/PUA disguised as popular services Man-in-the-Middle Attacks Masquerading Malicious Tools Masquerading Payloads as Legitimate Software MCP Extensibility Risks MD5 Sum Authentication Bypass and Root Access Medical Device Cyberattacks Memory Overread leading to Sensitive Data Disclosure Memory Safety Vulnerabilities Memory-related vulnerabilities MFA Fatigue/Push Bombing Microsoft 365 Direct Send Abuse for Phishing Microsoft 365 Direct Send Phishing Microsoft Defender Antivirus Configuration Issue Leading to Missed Malware Alerts and Plant Disruption Microsoft Office 365 Unauthorized Access Microsoft Teams Phishing for RMM Deployment Mirai Botnet Mirai Botnet Exploitation Mirai UDP Flood Misconfigurations and Other Security Issues Exploited by DDoS Misconfigured Docker API Exploitation for Cryptojacking Misconfigured Docker API leading to container escape and cryptojacking Misuse of SAVE Database for Voter 
Disenfranchisement Mobile Phone Exploitation and Geolocation Tracking Model Denial of Service Model Poisoning Modified Open-Source Networking Libraries Money Laundering and Facilitation of Illegal Activities Monster-in-the-Middle (MitM) Attack Motors Theme Password Reset Exploit MOVEit SQL Injection Exploitation (2023 Clop Ransomware Campaign) MOVEit Transfer Mass Exploitation MQTT Wildcard Subscription for Tractor Tracking Mule as a service Multistage attacks on containerized applications MyBB 0day NeighborJack NetScaler ADC Session Hijacking via Malformed Requests Network Propagation Network Throttling via Packet Injection/Blocking NFC-Based Fraud NFC-based Fraud/Relay Attacks nOAuth Abuse Nobitex Attack via Predatory Sparrow Nobitex Crypto Exchange Hack NSO Group spyware attack on WhatsApp users NTLM Relay via GetErrorResponse NTP Amplification NTP Reflection Obfuscated BAT files delivering NetSupport RAT Object-Oriented Obfuscation Objective-C load Selector Hijacking OCR-based Image Theft Off-Hours Attacks OGNL Injection OneClik Campaign OneDrive_File_Search_Bug Online Scams Open VSX Registry Privilege Escalation via CI/CD Poisoning Open VSX Registry Takeover Open VSX Repository Takeover via Extension Publishing Mechanism Operational Disruption and Financial Impact OT System Exploitation Outlook Web Access Keylogger Injection Over-Permissioned Users Paragon Spyware Exploit Password Brute-Forcing Password Bruteforcing password spraying Password Spraying Password Stealers Paste and Run (Clickfix/Fake CAPTCHA) Path Parsing Bypass using NT Object Manager prefix PDF_Parsing_Out_of_Bounds_Read_Information_Disclosure Persistence via Autorun Key Modification Phishing Phishing Attack Phishing Attacks Phishing attacks against political campaigns Phishing attacks using scraped personal data Phishing Campaign Phishing Campaign Targeting Israeli Academics and Journalists Phishing Campaigns Phishing Campaigns by Charming Kitten/APT42 Phishing emails targeting outdated 
Roundcube webmail instances Phishing for Account Credentials Phishing via Microsoft 365 Direct Send Abuse Phishing via Webflow redirection with fingerprinting Phishing_New_Hire_Targeting Phishing-related scams Phishing/Social Engineering Phishing/Spamming Capabilities Physical Access and Boot Disk Password Reset Physical Access and Camera Access at Gym Pig Butchering Scams PII Exposure and Data Broker Abuse PIN Theft and Shoulder Surfing Plaintext Credential Exposure Plaintext Credential Sniffing Play Ransomware Double Extortion Portmap Flood Post-Exploitation Beaconing and C2 Communication Potential Data Exfiltration via Fourth-Party Supplier Vulnerability PowerShell code inside LNK files PowerShell file download and execution PRC File Parsing Out-Of-Bounds Read PRC File Parsing Out-Of-Bounds Write PRC_File_Parsing_Out_Of_Bounds_Read PRC_File_Parsing_Out-Of-Bounds_Write PreBuild Backdoor Predictable Password Generation by LLMs Preview Program Bug Exploitation Printer Redirection Abuse Privacy risks associated with cloud-based AI processing of user photos Privacy Violation via Facial Recognition Misidentification Private Key Compromise Privilege Escalation via Compromised C-Suite Accounts Privilege Escalation via PreviousMode Modification Programmatic Exploitation of CyberArk PAM Vaults Prolonged Access/Dwell Time Prompt Injection Prompt Injection (Inappropriate Content) Prompt Injection (Sensitive Data Exposure) Prompt Injection for AI Evasion Prompt Injection via Link Unfurling Qilin Ransomware Attack Qilin Ransomware Double Extortion QOTD Reflection Qubit Decoherence via Amplifier Heat and Noise Race Condition Ransomware Ransomware and Disk Wiping Ransomware as a Service (RaaS) - REvil Ransomware Attack Ransomware Attack (Anubis) and Data Exfiltration Ransomware Attack (INC Ransom) Ransomware Attack (Initial Breach) Ransomware Attack (Play Ransomware Group) Ransomware Attack (Seattle-Tacoma Airport) Ransomware Attack by Qilin Ransomware Attack Leading to Service 
Disruption and Contributing to Death Ransomware Attack Leading to System Disruption and Data Exfiltration Ransomware Attack on External Supplier Ransomware Attack on Fasana Ransomware Attack on Nucor Ransomware Attack with Data Exfiltration (Play Ransomware) Ransomware Attacks Ransomware Double Extortion Ransomware Exploitation of SaaS Environments Ransomware on Cameras Reading Currently Playing Media readNICParametersFromFile Deserialization Recruitment of Criminal Gangs via BreachForums Reflection Attacks (QOTD, Echo, NTP, RIPv1) Regulatory Capture via Federal Funding Conditionality Remote Code Execution (RCE) via Publicly Exposed Web Server Remote Code Execution in Cisco ISE/ISE-PIC Remote Code Execution via Chained Vulnerabilities Remote Code Execution via Misconfigured MCP and Command Injection Remote Code Execution via Unchecked Input Handling and Excessive Permissions Replay Attacks Restart Loop Exploit restoreESwitchConfig Directory Traversal Retrieval Augmented Generation (RAG) Poisoning Reusing Legacy Malware (Marai Bot, Qakbot, Emotet) Reverse Shell Creation REvil Ransomware Ring Account Compromise for Swatting RIPv1 Amplification Risky Attachments via Outlook Exploitation Rogue WordPress Plugin Malware Distribution Romance Scams RSS Feed URL Replacement for XSS RTSP Streaming Without Proper Authentication Sainbox RAT and Hidden Rootkit Deployment Salt Typhoon GRE Tunneling Salt Typhoon Hackers Target Viasat SAML_SSO_COMMAND_INJECTION Sandbox Evasion SAP GUI Client Vulnerabilities - Unsafe Storage of Sensitive Data saveAsText Directory Traversal Scam Crypto/Investment Sites Scam Investment and Crypto Trading Sites Scareware Scareware (Fake Virus Alerts) Scattered Spider TTPs Scheduled Task Persistence Screen Spying via Chromium --auto-select-desktop-capture-source Script Injection into Hot Wallet Host Script-Based Registry Modification Search Parameter Injection Search Parameter Injection Attack Search Result Hijacking via Reflected Input Self-Service 
Password Reset & MFA Manipulation Self-XSS to Stored XSS via Credentialless Iframes and fetchLater API Selling initial access to ransomware affiliates Serpentine#Cloud Multi-Stage Malware Injection ServiceStack_FindType_Directory_Traversal_RCE Session Hijacking via CVE-2025-5777 Session Hijacking via Stolen Session Tokens Session Hijacking via stolen tokens (related to CVE-2025-5777 and CitrixBleed CVE-2023-4966) Session Hijacking via Token Theft Session Token Hijacking Session Token Replay via Memory Overread Session Token Theft and MFA Bypass Session Token Theft via Malformed Request Session Token Theft via Malformed Requests Session Token Theft/Impersonation (CitrixBleed 2) Shared Vault Vulnerabilities Shellcode Execution from 1.txt ShinyHunters Attacks SHOE RACK Shortened or Vanity URLs Redirection ShortLeash Backdoor ShortLeash Backdoor Installation ShortLeash Malware Deployment Sideloading Apps SIEM scaling challenges and high log management costs Signal-Delivered Macro-Laced Word Document Signature Forgery SilentRoute Trojanized SonicWall NetExtender SIM Swap Attack SIM Swapping SIM-Swapping Attacks SimpleHelp Exploited by DragonForce Single Sign-On (SSO) System Compromise Single-Factor Authentication Vulnerability SinoTrack GPS tracker vulnerability leading to vehicle control Skills Gap in Cybersecurity Teams Smart Contract Exploits SMB flaws SMB Protocol Flaws SMB Share Script Execution Delay Smishing Social Engineering Social Engineering (Phishing, SIM Swapping, MFA Bombing) Social Engineering and Credential Abuse Social Engineering and MFA Bypass Social Engineering and Spear-Phishing Social Engineering Bypassing MFA Social Engineering Bypassing Multi-Factor Authentication Social Engineering of Help Desks Social Engineering of IT Help Desk Social Engineering Scams Social Engineering Schemes Targeting Individuals Associated with Iran Policy Social Engineering Targeting Family Members Social Engineering targeting IT Help Desks Social Engineering targeting 
SSPR Social Engineering to Change Default Security Settings Social Engineering via App Passwords Social Engineering via Fake Job Assignments Social Engineering via Impersonation and ASP Abuse Social Engineering via Impersonation and Urgency Manipulation Social Engineering via Phone Scams Social Engineering via Zoom Meeting Manipulation Social Media Data Harvesting Software Supply Chain Attacks SolarWinds Supply Chain Attack SparkKitty Distribution via Modded TikTok Clones and Fake Frameworks SparkKitty Malware SparkKitty Malware Image Theft and Exfiltration SparkKitty Trojan Spear Phishing Campaign Spear Phishing for Cyber Espionage Spear Phishing with App-Specific Passwords Spear-phishing Spear-Phishing Spear-Phishing for Initial Access Spear-Phishing with Credential Harvesting and 2FA Relay Spear-Phishing with DLL Side-Loading SPECIALLY_CRAFTED_API_REQUEST_ROOT_EXECUTION Spoofing Attacks Spoofing Attacks (Deepfakes and Injection Attacks) SQL Injection SQL Injection via phpMyAdmin SSH Access/Total Control SSRF via HTTP Redirect Loops Stargazers DaaS Minecraft Mod Stargazers DaaS Minecraft Mod Malware Distribution Stargazers Ghost Network State-backed Cyber Attacks Targeting NGOs and Think Tanks Stolen API Key Stolen Credentials Stolen Credentials for 23andMe Data Breach Stolen Data Marketplace Stored Cross-Site Scripting (XSS) Stuxnet Subdomain Enumeration via Certificate Transparency Logs Subdomain Enumeration via CSP Headers Supply Chain Attack Supply Chain Attack via Malicious Doodle Image Supply Chain Attack via Malicious JavaScript Injection Supply Chain Attacks Supply Chain Compromise (Possible) Supply Chain Compromise via Malicious Payloads in Open Source Hacking Tools Supply Chain Compromises Supply Chain Dependency on Chinese Technology Survey Scams Survey Scams with False Cash Rewards Suspicious Registry Modification via REG.EXE Symbolic Link File Deletion System Profiling Through Registry Access System Recovery Option Removal Tarfile Symlink Path 
Traversal Telegram Bot Data Exfiltration Third-Party Driver Kernel Vulnerability Time Zone Configuration Exploit Token Sprawl and Visibility Gaps Tool Sprawl TP-Link Router Command Injection Trinper Backdoor Deployment via Phishing and Zero-Day Trojanized GitHub Repositories Trojanized GitHub Repositories with Invisible Malicious Code Trojanized NetExtender Distribution (SilentRoute) Trojanized NetExtender Installer Trojanized Open Source Hacking Tools Trojanized Python Packages via GitHub Trojanized SonicWall NetExtender App Trusted Relationship Attacks via Contractors TypeResolutionService Deserialization of Untrusted Data Typosquatting U3D File Parsing Out-Of-Bounds Read U3D File Parsing Out-Of-Bounds Read Remote Code Execution U3D File Parsing Out-Of-Bounds Write Remote Code Execution U3D File Parsing Use-After-Free U3D_File_Parsing_Use-After-Free_Remote_Code_Execution UAC Weakening via Registry Modification UDF File Parsing Out-Of-Bounds Read UDP Flood UMBRELLA STAND Unauthorized Access and Data Exfiltration Unauthorized Access to Legacy Systems Unauthorized Access via Compromised Trusted Location Unauthorized Credit Card Use for Hacking Tools Unauthorized Data Access via GenAI-Generated Reports Unencrypted WhatsApp Backups Unlawful User Data Transfers to China via DeepSeek Apps Unmanaged App-to-App Connections Unmonitored Timelock Unofficial Signal App Hack Unpatched Software Exploitation Unrestricted File Upload via getFileFromURL Unreviewed Telemetry and Alert Overload Unsecured Camera Feeds/Default Credentials Unsupported ED25519 SSH Keys in FIPS Mode UPX Packing UPX Packing with Custom Configuration Trailer US Administration Instructed Service Refusal USB Worm (HIUPAN) for Malware Propagation Use of Default Passwords Use of Malicious Computer Programs Using Windows 10 after End of Life VDI-Related Instability Violence-as-a-Service via Encrypted Platforms VS Code Project Backdoor via tasks.json VXLAN Source IP Bypass Wallet Banning via Excessive Worker 
Logins Wallet Drainer Wallet Drainer Exploit Weak Master Password/Secret Key Combination Weak Password Generation/Re-use Weak Password Leading to ICS Attack Weak Password on Web-Accessible Control Panel Weak Service Accounts Weaponized GitHub Repositories (Water Curse) Website Defacement Website Hijacking Website Hijacking for Fake Phone Number Insertion WhatsApp Zero-Click Graphite Spyware Exploit Wicked Doll Redirect Windows Backup Data Overwrite/Exfiltration via OneDrive Windows Event Logging Disablement WinJS Uncontrolled Search Path Element Remote Code Execution WinRAR Directory Traversal Remote Code Execution Wiper Malware (Potential Shamoon-like attack) WordPress Plugin Malware Campaign XMRogue_Bad_Share_Injection XMRogue_Wallet_Flooding XOR Key Recovery XSS (Cross-Site Scripting) XSS Attack Zero-Click Attack on Microsoft Copilot Zero-Day DoS Zero-Day Exploit Zero-day Exploit Production Zero-day exploitation of CVE-2025-6543
Vulnerabilities All CVE-2014-4078 CVE-2015-1548 CVE-2017-11774 CVE-2017-17663 CVE-2017-17761 CVE-2018-13379 CVE-2019-0604 CVE-2019-11510 CVE-2019-19781 CVE-2019-5591 CVE-2019-6693 CVE-2020-0796 CVE-2020-12641 CVE-2020-12812 CVE-2020-1472 CVE-2020-35730 CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 CVE-2021-31206 CVE-2021-31207 CVE-2021-34473 CVE-2021-34523 CVE-2021-44026 CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 CVE-2022-1388 CVE-2022-26134 CVE-2022-30190 CVE-2022-42475 CVE-2022-47966 CVE-2022-47986 CVE-2023-20198 CVE-2023-20273 CVE-2023-27350 CVE-2023-28771 CVE-2023-33538 CVE-2023-34362 CVE-2023-3519 CVE-2023-36019 CVE-2023-36934 CVE-2023-38831 CVE-2023-46805 CVE-2023-47452 CVE-2023-4966 CVE-2023-6401 CVE-2023-6448 CVE-2023-6548 CVE-2023-6549 CVE-2024-0769 CVE-2024-21887 CVE-2024-24919 CVE-2024-29973 CVE-2024-30088 CVE-2024-3094 CVE-2024-3400 CVE-2024-51977 CVE-2024-51978 CVE-2024-51979 CVE-2024-51980 CVE-2024-51982 CVE-2024-51983 CVE-2024-51984 CVE-2024-54085 CVE-2024-57727 CVE-2024-8404 CVE-2025-0055 CVE-2025-0056 CVE-2025-0059 CVE-2025-1533 CVE-2025-20234 CVE-2025-20264 CVE-2025-20281 CVE-2025-20282 CVE-2025-20700 CVE-2025-20701 CVE-2025-20702 CVE-2025-23121 CVE-2025-24200 CVE-2025-2566 CVE-2025-27363 CVE-2025-2783 CVE-2025-3112 CVE-2025-3116 CVE-2025-3117 CVE-2025-31196 CVE-2025-3248 CVE-2025-33053 CVE-2025-34509 CVE-2025-34510 CVE-2025-34511 CVE-2025-3464 CVE-2025-36537 CVE-2025-3699 CVE-2025-3898 CVE-2025-3899 CVE-2025-3905 CVE-2025-4322 CVE-2025-47724 CVE-2025-47725 CVE-2025-47726 CVE-2025-47727 CVE-2025-49144 CVE-2025-49151 CVE-2025-49152 CVE-2025-49153 CVE-2025-49763 CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-49825 CVE-2025-49851 CVE-2025-49852 CVE-2025-49853 CVE-2025-5015 CVE-2025-5087 CVE-2025-5349 CVE-2025-5740 CVE-2025-5741 CVE-2025-5742 CVE-2025-5743 CVE-2025-5777 CVE-2025-6018 CVE-2025-6019 CVE-2025-6021 CVE-2025-6170 CVE-2025-6218 CVE-2025-6442 CVE-2025-6443 CVE-2025-6444 CVE-2025-6445 CVE-2025-6521 CVE-2025-6522 
CVE-2025-6543 CVE-2025-6640 CVE-2025-6641 CVE-2025-6642 CVE-2025-6643 CVE-2025-6644 CVE-2025-6645 CVE-2025-6646 CVE-2025-6647 CVE-2025-6648 CVE-2025-6649 CVE-2025-6650 CVE-2025-6651 CVE-2025-6652 CVE-2025-6653 CVE-2025-6654 CVE-2025-6655 CVE-2025-6656 CVE-2025-6657 CVE-2025-6658 CVE-2025-6659 CVE-2025-6660 CVE-2025-6661 CVE-2025-6662 CVE-2025-6793 CVE-2025-6794 CVE-2025-6795 CVE-2025-6796 CVE-2025-6797 CVE-2025-6798 CVE-2025-6799 CVE-2025-6800 CVE-2025-6801 CVE-2025-6802 CVE-2025-6803 CVE-2025-6804 CVE-2025-6805 CVE-2025-6806 CVE-2025-6807 CVE-2025-6808 CVE-2025-6809 CVE-2025-6810 CVE-2025-6811 CVE-2025-XXXXX ZDI-CAN-25373
MITRE ATT&CK TTP All Application Layer Protocol: T1071 Botnet: T0000 Business Email Compromise: T1566.001 Cloud Accounts: T1078.004 Command and Scripting Interpreter: T1059 Compromise: T1195 Compromised Credentials: T1552 Content Injection: T1659 Credentials from Password Stores: T1555 Data Encrypted for Impact: T1486 Data Theft: T1083 Denial of Service: T1499 Deobfuscate/Decode Files or Information: T1140 Dependency Confusion: T1685 Drive-by Compromise: T1189 Email Forwarding Rule: T1114.003 Exploit Public-Facing Application: T1190 Exploitation for Client Execution: T1203 Exploitation for Privilege Escalation: T1068 Exploitation of Remote Services: T1210 External Remote Services: T1133 File and Directory Discovery: T1083
Impair Defenses: T1562 Indicator Removal: T1070 Ingress Tool Transfer: T1105 Inhibit System Recovery: T1490 Input Capture: T1056 Lateral Tool Transfer: T1570 Modify Registry: T1112 Native API: T1106 Non-Application Layer Protocol: T1095 Obfuscated Files or Information: T1027 OS Credential Dumping: T1003 Phishing: T1566 Physical Access: T1197 PowerShell: T1059.001 Process Injection: T1055 Proxy: T1090 Remote Services: T1021 Replication Through Removable Media: T1091 Scheduled Task/Job: T1053 Service Stop: T1489 Social Engineering: T1566 Social Engineering: T1598 Spearphishing Attachment: T1193 Spearphishing Link: T1192 Spearphishing: T1566 Spearphishing: T1566.001 Supply Chain Compromise: T1195 System Information Discovery: T1082 Trusted Relationship: T1199 Unsecured Credentials: T1552 Valid Accounts: T1078 Vulnerability Scanning: T1595.002 Web Shell: T1505.003 Windows Command Shell: T1059.003 Windows Management Instrumentation: T1047
Exploited Software All .NET applications using AppDomainManager 1inch dApp 1inch Developer Portal 1inch infrastructure 1inch smart contracts 1inch Wallet 23andMe AccuWeather and Custom RSS widget ACME mini_httpd Active Directory Active Directory Certificate Services Aflac Network AFNetworking & Alamofire AFNetworking open source library AFNetworking.framework (modified versions) AFNetworking.framework / Alamofire.framework (Malicious versions) Agent Tesla Ahold Delhaize Systems Ahold Delhaize USA Systems AI Deepfakes AI-accelerated exploits Airoha systems on a chip (SoCs) Akira Ransomware Alamofire.framework (modified versions) Alder Hey Alphv/BlackCat ransomware Amazon Elastic Kubernetes Service (EKS) clusters Amazon Web Services (AWS) Elastic Compute Cloud (EC2) instance running a web server AMI BMC AMI MegaRAC SPx Android Android adware Android application package (APK) Android Cryptocurrency and Casino Applications Android operating system (OS) image Anthropic's Slack MCP Server Anubis Ransomware AnyDesk Apache ActiveMQ Apache Log4j Apache PHP server Apache Shiro Apache Tomcat Apache Traffic Server API Key API Keys and Tokens App-Specific Passwords (ASPs) Apple Apple App Store Apple macOS CoreGraphics Apple macOS Terminal app Apple products Apple Products Apple Safari Applications and websites (including Google, Microsoft, Apple, Facebook, Instagram, and Snapchat) Armoury Crate AsIO3.sys Asus ASUS AsyncRAT AT&T Atlassian Confluence Atlassian Confluence Server and Data Center Atlassian MCP Atlassian's model context protocol (MCP) server AutoHotKey AWS CloudTrail AWS Session Tokens Azure Bank and financial accounts, health platforms, and government portals Bank of America Bank Sepah Banking and Cryptocurrency Applications Barracuda ESG Beanstalk BeardShell BEARDSHELL Bluetooth Hands-Free Profile (HFP) BootstrapperNew.exe Boulanger BreachForums BreachForums (MyBB) Brother Printers Brother printers, scanners, and label-makers Browsers Buffalo AirStation routers 
Buffalo Technology Buffalo Technology AirStation wireless routers Buffalo Technology Routers Bybit Chain IQ ChatGPT Check Point Security Gateway Chisel Chromium Chromium Embedded Framework (CEF) Cisco Cisco AnyConnect Cisco ASA 5515 Cisco Devices Cisco Identity Services Engine (ISE) Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) Cisco Identity Services Engine (ISE) CVE-2025-20264 Cisco Identity Services Engine (ISE) CVE-2025-20281 Cisco Identity Services Engine (ISE) CVE-2025-20282 Cisco IOS XE Cisco IOS XE software Cisco ISE Passive Identity Connector (ISE-PIC) Cisco Web UI Cisco-Linksys Cisco's public-facing DevHub portal Citrix Citrix ADC Citrix Application Delivery Controller (ADC) and Gateway Citrix NetScaler Citrix NetScaler ADC and Gateway Citrix NetScaler ADC and NetScaler Gateway Citrix NetScaler devices CitrixBleed (CVE-2023-4966) CitrixBleed 2 CitrixBleed 2 Vulnerability Claimloader Clam AntiVirus Classroom Spy Cloud Infrastructure Co-op Cobalt Strike CoinMarketCap CoinMarketCap Website Cointelegraph CoinTelegraph ConnectWise ControlID iDSecure On-premises Covenant COVENANT framework Cross DVR CrowdStrike CrowdStrike Falcon CrushFTP VFS Crypto Wallets Cryptocurrency and casino apps (Android) Customer-facing websites of financial firms CVE-2014-4078 CVE-2015-1548 CVE-2017-17663 CVE-2020-0796 CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 CVE-2021-31206 CVE-2021-31207 CVE-2021-34473 CVE-2021-34523 CyberArk CyberArk password vault D-Link D-Link DIR-859 D-Link DIR-859 router D-Link DIR-859 routers D-Link Routers Danabot DC Health Link DeepSeek DeepSeek's apps Delta Electronics CNCSoft Digital control systems of critical infrastructure entities Discord Docker Docker API DRAT V2 DropBear SSH Echo reflection Edimax IC-7100 IP Camera Electronic Health Records Systems Email accounts Email Accounts Emotet Encrypted apps Encrypted online platforms Endpoints Entra ID Erie Insurance Network Erie Insurance Networks 
EternalBlue Evilginx (AiTM Phishing Kits) Exodus cryptocurrency wallet app Expired Certificates Eye Pyramid C2 F5 Networks F5 BIG-IP Facebook Fake TikTok app (iOS) Falcon post-quantum signature scheme Fastjson Financial Services Application Programming Interfaces (APIs) FJD AT2 aftermarket steering system Fleetdeck FormBook FortiGate 100D series firewalls Fortinet FortiOS FortiOS France Travail Fraudulent Websites FreeType French Connection French Football Federation (FFF) Fujifilm printers Fujifilm Printers Gambling and adult games, crypto-related apps Gemini-2.0-flash-lite Gemini-2.5-flash Gh0stRAT Gh0stRAT variants Gilbarco Veeder-Root fuel management systems GitHub GitHub Repositories GitLab Gmail Gmail accounts Gmail/Office 365 GoAhead web apps Godfather Android trojan Godfather Android Trojan GodFather Android trojan Google Google Accounts Google Ads Google Chrome Google Drive Google email account Google Login Page Google Meet Google One Tap Google Play GoogleFiber Router GPT-4.1-nano GPT-4o GPT-4o-mini Grok Harrods healthcare, government, information technology, engineering, and energy sectors Heartland Tri-State Bank Hello Barbie Hewlett Packard Enterprise Hidden rootkit HIUPAN Home Office "No Place to Hide" website Horizon Virtual Desktop Infrastructure (VDI) Hot Wallet HP Hugging Face Models using Python's pickle module IBM Aspera Faspex Ichano AtHome Camera ID verification company Identity Systems iMessage Improperly configured server Industrial Control System (ICS) components for railway management Industrial Control Systems (ICS) infostealer malware Infostealer Malware Infostealers Internet-connected cameras Internet-enabled cameras IOCONTROL malware (targeting OT and IoT devices) iOS iOS Apps (via Apple Enterprise Provisioning Profile) IoT and OT devices Iran's state-owned TV broadcaster Iranian high-value individuals' credentials and sensitive military info Iranian uranium refining capabilities (via Stuxnet) IRIB (Islamic Republic of Iran 
Broadcasting) television stream Ivanti Connect Secure Ivanti Connect Secure and Ivanti Policy Secure Jira Service Management (JSM) Kaleidoscope (Android Adware) Kaleris NAVIS N4 ULC (Ultra Light Client) Karmanos Cancer Institute Kaseya Konica Minolta printers Konica Minolta Printers Krispy Kreme IT systems Kubernetes Langflow Lantronix IoT devices Large Language Models (LLMs) Large Language Models (LLMs) and Generative AI (GenAI) tools LastPass Legacy Systems libcef.dll libcef.dll (Chromium Embedded Framework) libcrypto.dylib (Modified version) Linux Linux distributions Linux Kernel Linux systems Linux-based systems LiteSpeed Cache plugin LLM applications LLMs distributed on platforms like Hugging Face LLMs that use external data sources (Retrieval Augmented Generation or RAG) LogMeIn Lumma Stealer M&S macOS Marvell QConvergeConsole McAfee antivirus update McLaren computer systems McLaren Health Care and Karmanos Cancer Institute computer network McLaren Health Care Network Mescius ActiveReports.NET Messaging app with crypto exchange capabilities Messaging app with crypto exchange features (Android) Messaging app with crypto-exchange features (Google Play) MetaMask Mexico City’s camera system Microsoft Microsoft 365 Microsoft 365 Direct Send Microsoft Accounts Microsoft Active Directory Microsoft Azure App Services Microsoft Azure Machine Learning Environments Microsoft ClickOnce Microsoft Cloud environment Microsoft Copilot Microsoft Defender Antivirus Microsoft Edge Microsoft Entra ID Microsoft Excel Microsoft Exchange Server Microsoft Office 365 Microsoft Outlook Microsoft Power Platform Connector framework Microsoft PowerPoint Microsoft SharePoint Microsoft SQL Server Microsoft Teams Microsoft Windows Microsoft Windows (specifically Windows XP) Microsoft Windows Support Diagnostic Tool (MSDT) Microsoft Word Microsoft’s ClickOnce Mikrotik RouterOS Minecraft Minecraft mods mini_httpd Mirai botnet Mirai UDP flood Mirai-variant botnet Misconfigured Cloud Instances 
Mitsubishi Electric air conditioning systems Mixtral Mobile Phones Model Context Protocol (MCP) servers Model Context Protocol (MCP) Servers Modicon Controllers M241/M251/M258/LMC058/M262 Modified TikTok Apps Monero cryptocurrency miners Motors Theme Motors Theme (WordPress) Motors theme for WordPress Motors Theme Vulnerability MOVEit Transfer Mozilla Firefox Multi-Factor Authentication Systems MyBB N-day vulnerabilities Netflix Netflix Website Search Functionality NetScaler ADC NetScaler ADC 13.1-FIPS and 13.1-NDcPP 13.1-37.235, and later releases of 13.1-FIPS and 13.1-NDcPP NetScaler ADC 13.1-FIPS and NDcPP before 13.1-37.236-FIPS and NDcPP NetScaler ADC and Gateway NetScaler ADC and Gateway (CVE-2025-5777) NetScaler ADC and Gateway versions 12.1 and 13.0 NetScaler ADC and NetScaler Gateway NetScaler ADC and NetScaler Gateway 13.1 before 13.1-59.19 NetScaler ADC and NetScaler Gateway 13.1-58.32 and later releases of 13.1 NetScaler ADC and NetScaler Gateway 14.1 before 14.1-47.46 NetScaler ADC and NetScaler Gateway 14.1-43.56 and later releases NetScaler Gateway NetSupport RAT Network Devices Network Resources and Configurations Networked Medical Devices NFC technology Ngrok NMP Web+ Nobitex Nobitex (Iranian Cryptocurrency Exchange) Nobitex Cryptocurrency Exchange node-orm-mongoose Node.js (node.exe) Nokia Source Code, SSH and RSA Keys Notepad++ Notepad++ installer npm npm packages NTP amplification NTP reflection Nucor's information technology systems Older or less secure apps and devices Open Source Software Packages Open VSX Open VSX Registry Open-source software (OSS) repositories (npm, PyPI, and RubyGems) OpenSSH Oracle Cloud Ostrich VPN Outdated dependencies Outlook Outlook Accounts OWASP Juice Shop Palo Alto GlobalProtect VPN Palo Alto PAN-OS Panasonic PaperCut NG Passwords PayPal PDF-XChange Editor Phantom Philadelphia Insurance Companies Network PHP phpMyAdmin Portmap flood PoshC2 PowerShell private security cameras installed in Israel programmable logic 
controllers Programmable Logic Controllers (PLCs) Progress MOVEit Transfer Progress Telerik Report Server Prometei Prometei Malware protected computer PUBLOAD Pubshell Pulse Connect Secure PyPI packages Python Python 3.12.3 Python 3.13.0 Python 3.13.3 Python packages Python Packages Python's TarFile.extractall() and TarFile.extract() Qakbot QOTD reflection Radiant Capital Ransomware RARLAB WinRAR react-plaid-sdk reg.exe Remcos Remote Desktop Protocol (RDP) Retrieval Augmented Generation (RAG) LLMs Revenge RAT RevengeRAT REvil ransomware Ricoh printers Ring Ring cameras RIPv1 amplification RIPv1 amplification attacks Roundcube Roundcube Webmail router-parse Routers Routers and other edge network devices Routers, network-attached storage devices, and video recorders Ruby WEBrick RubyGems packages Ruckus Wireless Ruckus Wireless access point devices Ruckus Wireless access points Ruckus Wireless Routers Safe Wallet Sakura RAT Sakura-RAT Samba Services Manager (embedded in the firmware of certain Sony Bravia TVs) SAP GUI client SAP GUI for Java SAP GUI for Windows Schneider Electric EVLink WallBox Seattle-Tacoma International Airport computer systems Security Camera System Security Cameras Security questions Server Message Block (SMB) protocol flaws ServiceStack SFR SharePoint shine.exe Shortened or vanity URLs Sight Bulb Pro Firmware Signal SimpleHelp SimpleHelp RMM Single Sign-On (SSO) System SinoTrack GPS tracking platform Sites and Servers SK Telecom Systems SlimAgent SLIMAGENT Sliver Smart TVs and other home IoT devices SMS messages SMTP email bomber SnakeStealer Snowflake SOEX Software vulnerabilities Software vulnerabilities (unspecified) SOHO devices (routers and IoT endpoints) SOHO devices running Linux Sol Oriens SolarWinds SonicWall NetExtender SonicWall NetExtender SSL VPN SonicWall SMA100 Appliances SonicWall VPN App Spring Framework SQL injection SSH services Steam Stratum mining protocol Stratum Protocol sumsub-node-websdk SuperCard X SWIFT systems 
Synnovis Pathology Services Synnovis Pathology Services Provider Synology Systems at Norway’s Lake Risevatnet dam Teams TeamViewer telecoms, airlines, hospitality, and other organizations Telegram Teleport Teleport Community Edition Ticketmaster TikTok TikTok mod for Android TikTok mods TikTok mods for Android TikTok mods for iOS Tokio Marine Networks TONESHELL Toshiba printers Toshiba Printers TP-Link routers TP-Link Routers TP-Link Routers (Discontinued) TP-Link Wi-Fi Routers Trump's Campaign Website Truth Social Truth Social platform Turbo VPN Private Browser U.S. networks U.S. Office of the Comptroller of the Currency (OCC) email accounts UBS Ubuntu, Debian, Fedora and openSUSE Leap 15 UNFI Core Systems Unidentified municipal healthcare provider Unitronics PLC Unitronics Vision Series programmable logic controllers (PLCs) and human machine interfaces (HMIs) Unknown Vulnerability Unnamed Internet service provider Unnamed US telecommunications provider US government websites US Networks and Internet-connected Devices Veeam Backup & Replication VenomRAT Viasat Viasat communications system Viasat compromised device Viasat Devices video camera system Visual Studio PreBuild events vite-loader-svg vite-plugin-next-refresh VMware ESXi VMware ESXi Hypervisor VMware Horizon Virtual Desktop Infrastructure (VDI) platform VMware vCenter VPN Infrastructure VPN Proxy Master Vulnerable applications Vulnerable Drivers Vulnerable Public Services WazirX Web Applications Web Applications (general) Web Browsers Web version of an unnamed email platform Web-accessible Control Panel Web3 wallets Webcams and video recorders Webcams and Video Recorders Webflow WestJet Airlines app WestJet Website and Mobile Application WhatsApp Windows Windows 10 Windows 365 Cloud PCs Windows File Explorer Windows File Explorer (explorer.exe) Windows Kernel Windows Netlogon Windows Run dialog WinJS WinRAR Wirral University Teaching Hospitals (WUTH) NHS Trust WMI WooCommerce WordPress WordPress Core 
(malicious plugin) WordPress Motors theme WordPress Motors Theme WordPress plugins wscript.exe X-VPN XMRig Xworm XZ Utils Yahoo Accounts Zoho ManageEngine Zoom Zoom Meeting Zyxel Zyxel NAS devices Zyxel networking devices Zyxel RCE vulnerability CVE-2023-28771 币 coin app 币coin 币coin (Android & iOS)
Involved Countries All Africa Albania Australia Austria Bahrain Belarus Belgium Brazil Britain California Cambodia Cameroon Canada China Côte d'Ivoire Cyprus Czech Republic Czechia Denmark Ecuador Egypt England Estonia Ethiopia EU Europe European Union Finland France Georgia Germany Ghana Greece Hong Kong Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Ivory Coast Jamaica Japan Kenya Lebanon Liechtenstein Linux Luxembourg Malaysia Mexico Minnesota Moldova Morocco Namibia Netherlands New Hampshire New Zealand Nigeria North Carolina North Korea Northern Ireland Norway Oregon OSX Pakistan Peru Philippines Poland Qatar Republic of Korea Romania Russia Rwanda Saudi Saudi Arabia Scotland Senegal Singapore Slovakia South Africa South Korea Spain Sweden Switzerland Taiwan Tanzania Texas Thailand Togo Turkey U.K. U.S. Uganda UK Ukraine United Arab Emirates United Kingdom United States UNITED STATES United States of America US USA Vietnam Wales Washington Wisconsin Zambia
Affected Industries All Academia Academic Academic Research Academics Accounting Administrative Services Adult Entertainment Advertising Advertising Technology Aerospace Agriculture AI Airline Airline Sector Airlines Airports Antivirus Software Application Security Artificial Intelligence Artificial Intelligence (AI) Automotive Automotive Dealerships Automotive/Car-Sharing Aviation Aviation and Transportation banking Banking Banking and Crypto Banking and Financial Services Biotechnology Blockchain Analytics Blockchain/Cryptocurrency Business Computing Businesses Car Sharing Chemical Civil Society Cloud Computing Cloud Services Computer Science Construction Consulting Consumer Electronics Consumer Electronics (Smart TV Manufacturing) Content Delivery Networks (CDNs) Critical Infrastructure Crypto Services Cryptocurrency Cryptocurrency Exchange Cryptocurrency Exchanges Cryptocurrency Mining Cryptocurrency/Blockchain Customer Relationship Management (CRM) Cyber Security Cybersecurity Data Brokerage Decentralized Finance (DeFi) Decentralized Finance Platforms Defense Defense Contracting Delivery Services Dental Diplomatic Drone Manufacturing Drug Development E-commerce Education Education (Universities) Elections Electricity Email Security Employment Services Encryption Endpoint Security Software Energy Energy/Power Grid Engineering Enterprise Networking Enterprise Resource Planning (ERP) Enterprises Entertainment Fashion Federal Civilian Executive Branch Federal Government Finance Finance/Banking Financial Financial Industry Financial institutions Financial Institutions Financial Institutions (Banking) Financial Services Financial Services (Banks) Fintech Firmware Security Food & Beverage Food and Beverage Food and Beverage Retail Food Distribution Food Industry Frozen Foods Fuel Management Systems Gambling Gambling/Casino Gaming Gas Genetic Testing Government Government (Federal Agencies) Government (Municipal) Government Agencies Government and Public 
Administration Government Networks Government Organizations Governmental entities Governmental postal services Grocery Grocery wholesale Gym/Fitness Hardware Makers Hardware Manufacturing Hardware Vendors Health Clubs/Gyms Health Platforms healthcare Healthcare High-Tech Home Security Hospitality Hospitals Hosting Hosting Provider Hosting providers Hosting Providers ICS (Industrial Control Systems) Industrial Industrial Control Systems Industrial Control Systems (ICS) Industrials Information Services Information Technology Information Technology (IT) Infrastructure Insurance Insurance companies Insurance Sector International Trade Internet Internet of Things (IoT) Internet Platforms Internet Service Providers Internet Service Providers (ISPs) Internet Services IoT/OT Devices IT IT Service Management IT Services IT Services/Managed Service Providers IT Ticketing Services Journalism Law Enforcement Legal Legal Services Lighting Local Government Logistics Managed Service Providers (MSPs) Managed Services Management & Consulting manufacturing Manufacturing Maritime Media Media & Journalism Media Portals Medical Device Manufacturing Medical Product Manufacturing Military Mobile App Development Napkin Manufacturing Napkin Production Network Security Networking Networking Equipment Networking Equipment Manufacturing Networking Security Non-governmental Organizations (NGOs) Non-profit organizations Non-Profit Organizations Nonprofit Organizations Nuclear Oil Oil and Gas Oil Industry Online Banks Online Gambling Online Media/Publishing Online Retail Password Manager Pathology Services Pensions Pharmaceutical Pharmaceuticals Political Campaigns Private Sector Procurement Public Administration Public Management Public Organizations Public Sector Public Services Radiology Railway Real Estate Recycling Red Teams and Penetration Testing retail Retail Satellite Satellite Communication Satellite Communications Security Security (Private Security Cameras) Security Camera Industry 
Security Operations Centers (SOCs) Security Solutions Semiconductor Semiconductor Manufacturing SEO (Search Engine Optimization) Service Providers Shipping Small and Home Office Small and Medium-sized Enterprises (SMEs) Small Businesses Social Media Social Security and Social Organizations Software Software (Encrypted Messaging Apps) Software as a Service (SaaS) Software as a Service (SaaS) Platforms Software Development Software Distribution Software-as-a-Service (SaaS) Sports Steel Steel Industry Steel Manufacturing Streaming Tax Return Preparation technology Technology Technology (Encrypted Communication Platforms) Technology Manufacturing Telecom telecommunications Telecommunications Think Tank Think Tanks Ticketing Toy Manufacturing Transportation Transportation/Logistics Utilities Utility Companies Various Industries Veterinary Services Video Camera Systems Virtual Private Network (VPN) Water Water and Wastewater Systems Water Sector Water Systems Water Utilities Web3