Published Date All 2025-03-31 2025-03-30 2025-03-29 2025-03-28 2025-03-27 2025-03-26 2025-03-25 2025-03-24 2025-03-23 2025-03-22 2025-03-21
Tags All .NET MAUI .NET MAUI Exploitation 0-day vulnerability 0-day Vulnerability 0day Vulnerability 70mai A510 ABB Products Access Control Account Security Account Takeover Account Takeover Prevention Account Takeover Protection Acoustic_Attacks Ad Tracking Admission Controller Advanced Persistent Threat (APT) Advanced Persistent Threats (APTs) Adversarial Attacks Adversarial Exposure Validation (AEV) Adversarial Machine Learning (AML) Adversary-in-the-Middle (AitM) Adversary-in-the-Middle (AitM) Attacks Adversary-in-the-Middle Attacks Adware Agentic_AI AgenticAI AI Adoption and Growth AI and Disinformation AI Content Regulation AI Ethics AI in Crime AI in Cybersecurity AI in Software Development AI Integration AI Jailbreak AI Security AI Security Policy AI Security Research AI Security Risks AI_Security AI-as-a-Service (AIaaS) AI-assisted Security Automation AI-Based Attacks AI-driven Threats AI-fueled Attacks AI-generated content AI-Generated Content AI-Generated Content Watermarking AI-Generated Threats AI-powered Cybercrime AI-Powered Data Security AI-powered Phishing Simulation AI-powered Security AI-powered_Security AirTag Tracking Alert Fatigue Android Banking Trojan Android Malware Android Security Anonymity Ansible Anti-Analysis Techniques Anti-Evasion Techniques Apache Tomcat Vulnerability API Security AppArmor Application Security APT APT Groups APT34 APT36 Arbitrary Code Execution Arista NG Firewall ARM Arrest Artificial Intelligence Artificial Intelligence (AI) Artificial Intelligence in Cybersecurity Artificial_Intelligence Asset Management Asset Risk Scoring Attack Surface Management Authentication and Authorization Authentication Bypass Authorization Bypass Automated Attacks Automated Penetration Testing Automated Testing AutomatedSecurityTesting Autonomous System Numbers (ASNs) AWS Cloud Security AWS KMS AWS Security Backdoor backdoor_installation Backdoors Banking Trojan Bankruptcy Bankruptcy and Asset Sale BAS BCDR Bdrive NetDrive BEC Technologies BGP Attacks BGP Security Binary Ninja BinaryFormatter Biometric Authentication Biometric Data Birthday Freebies Bitcoin Blockchain Forensics Blockchain Technology (in Security) Bluetooth Exploitation BODMAS Dataset Boot Crash Boot Loop Bot Management Bot Mitigation Botnet Botnet Activity Brand Impersonation Brand Spoofing Brand_Protection Browser Extension Security Browser Extensions Browser Fingerprinting Evasion Browser Integration Browser Privacy Browser Security Browser Vulnerability Browser-Based Attacks Browser-in-the-Browser (BitB) Brute Force Attack BSD Bug Bounty Bug Bounty Program Bug Fixes Business Email Compromise (BEC) BYOVD Bypass Script C++ C2 Communication CA/Browser Forum Callback-Oriented Programming (COP) CAPTCHA Alternatives CarlinKit CPC200-CCPA CASB CEO Resignation Certificate Abuse Certificate Authority (CA) Security Certificate Validation ChaCha20 Child Sexual Abuse China China Chopper China Privacy Crackdown China-aligned APT China-based Cyberattacks China-based Cybercrime China-linked APT China-linked Espionage Chinese APT Chinese Government-Sponsored APT Chinese Hackers Chinese Telecom Companies Chrome Chrome Vulnerability cimfs.sys CISA CISA Funding Cuts CISA's Role CISO Responsibilities CISO Role and Responsibilities Class Action Lawsuit Classified Information Leak Classified_Information_Leak Cleartext Password Storage ClickFix Client-Side Authentication Vulnerability Client-Side Path Traversal (CSPT) Cloud Detection and Response (CDR) Cloud Migration Cloud Misconfigurations Cloud Platform Compromise Cloud Security Cloud Security Breach Cloud Security Breaches Cloud Security Incidents Cloud Security Posture Management (CSPM) Cloud Storage Cloud_Computing Cloudflare CNA (CVE Numbering Authority) Code Execution Code Obfuscation Code Signing Code Signing Certificates Command and Control (C2) Command and Control (C2) Infrastructure Command Injection Command-line Arguments Compliance Compliance vs. Resilience Computer Vision Conditional Access Configuration Injection Constitutional Law Consumer_Protection Container Security Continuous Threat Exposure Management (CTEM) Convolutional Neural Networks (CNNs) Corporate Restructuring Cost and Licensing Cost Optimization Cost Reduction Cost Savings in Cybersecurity Counterfeit_Product_Detection Counterintelligence Credential Compromise Credential Harvesting Credential Leakage Credential Rotation Error Credential Stuffing Credential Theft Credential-Stealing Critical Infrastructure Critical Infrastructure Attacks Critical Infrastructure Cyberattacks Critical Infrastructure Cybersecurity Cross-Border Cybercrime Cross-Platform Attack Cross-Platform Ransomware Cross-Site Request Forgery (CSRF) Cross-Site Scripting (XSS) CrushFTP Cryptocurrency Cryptocurrency Fraud Cryptocurrency Laundering Cryptocurrency Regulation Cryptocurrency Theft Cryptocurrency_Regulation Crystal, Nim, Rust, Go CSaaS (Credential Stuffing as a Service) CSRF Mitigation Curve25519 CVE CVE Assignment Dispute CVE Program CVE-2023-40680 CVE-2024-3721 CVE-2025-1974 CVE-2025-2764 CVE-2025-2765 CVE-2025-2766 CVE-2025-2770 CVE-2025-2771 CVE-2025-2783 CVE-2025-2857 CVE-2025-29927 Cyber Attack Cyber Deception Cyber Espionage Cyber Insurance Cyber Resilience Cyber Threat Intelligence (CTI) Cyberattack Cyberattacks on Critical Infrastructure Cyberbullying Cybercrime Cybercrime Affiliate Program Cybercrime in Africa Cybercrime Platform Cyberespionage Cybersecurity Cybersecurity Awareness Campaign Cybersecurity Compliance Cybersecurity Framework Cybersecurity Incident Cybersecurity Incident Response Cybersecurity Program Management Cybersecurity Risk Management Cybersecurity Spending Cybersecurity Standards Cybersecurity Startup Cybersecurity Threat Intelligence Cybersecurity Training Cybersecurity Vendor Cybersecurity Vulnerabilities Dangling Commit Dark Web Dark Web Activities Data Analytics Data Backup Data Backup Security Data Breach Data Breach Prevention Data Breach Response Data Breaches Data Brokers Data Deletion Data Exfiltration Data Exposure Data Flow Analysis Data Governance Data Hygiene Data Leak Data Loss Data Loss Prevention Data Loss Prevention (DLP) Data Manipulation Data Privacy Data Protection Data Removal Data Scraping Prevention Data Security Data Sovereignty Data Theft Data Visibility Data_Security Datto BCDR DDoS DDoS Attacks DDoS Mitigation Deepfakes Deepfakes and Fraud DeepSeek Default Password Vulnerability Defense-in-Depth Denial of Service Denial of Service (DoS) Denial-of-Service (DoS) Deserialization Vulnerability DevOps DevSecOps Digital Executive Protection (DEP) Digital Fingerprinting Digital Forensics Digital Identity Digital Transformation Disaster Recovery Disinformation Disinformation Campaigns Disruption of Service DLL side-loading DLL Side-loading DLL Sideloading DLL_Side_Loading DNS Exploitation DNS MX Record Exploitation DNS over HTTPS (DoH) DNS Security DNS-based attack Domain Abuse Domain Hijacking Domain Name System (DNS) Security Domain Validation DoS Attack Double Extortion Doxing DrayTek Router DrayTek Router Vulnerability Drive-By Compromise Driver Issues Duplicate Photo Removal E-ZPass Scam East-West Traffic Monitoring Economic Analogy (Tariffs) EDR EDR Killer EDR Killer Tools EDR_Evasion Election Security Elon Musk Email Compromise Email Phishing Email Security Email Spoofing Employee Training and Awareness EncryptHub Encryption End-to-End Encryption End-to-End_Encryption Endpoint Security Enterprise Browser Entropy-Based Feature Selection Espionage Espionage Attack ESXi Ethereum Ethical Hacking ETSI Standards EU Cybersecurity Funding European Alternative Europol Evasion Techniques EvasionTechniques Evasive Techniques Evilginx Executive Targeting Exploit Intelligence Exploit Modules Exposure Management Extortion Extradition Facial Recognition Regulation Facial Recognition Technology False Claims Act False Claims Act Violation Fast Flux FCC Investigation Federal Government Contracts Federal Government Overreach Federal_Funding_for_Cybersecurity FIDO2 FIDO2 Passkeys File Encryption File Transfer Protocol Vulnerability Financial Cybercrime Financial Fraud Financial Loss Financial Penalties Find My Network Exploitation Fintech Security Fintech_Security Firebase Cloud Messaging (FCM) Firefox Firefox Vulnerability Firmware Update Firmware Vulnerability Firmware_Vulnerability Force Installation Foreign Interference Fortune 500 Fraud Detection Fraud Prevention Free Tier FTC Fuzzing Gamaredon Gambling Malware Gemini AI Generative Adversarial Networks (GANs) Generative AI Genetic Data Privacy Genetic Data Security Geopolitical Risks GitHub Abuse GitHub Action Compromise Golang Google Google Account Compromise Google Ads Abuse Google Chrome Google Chrome Vulnerability Google Maps Google Search Gootloader Government Agency Attack Government Budget Cuts Government Compliance Government Cybersecurity Policies Government Data Breach Government Data Sharing Government Funding Government Oversight Government Regulation Government Security Government Transparency Government_Misconduct Government_Use_of_Messaging_Apps GPS Spoofing/Jamming GPU Security Groovy Hacker Biography Hard-coded Credentials Hardware Root of Trust Hardware Security Harvest Now, Decrypt Later Healthcare Cybersecurity Healthcare Data Breach Healthcare Data Security Healthcare_Cybersecurity Heap Grooming HIPAA Compliance HIPAA Violation HomeKit Compatibility Honeypot How-to Guide HTTP Header HTTP Headers HTTPS HTTPSCommunication Huawei Human Error Human Trafficking Hyper-V Hypervisor Targeting IAM (Identity and Access Management) IAM Attacks IAM Misconfigurations ICS Vulnerability ICS/OT Security ICS/OT Vulnerability Identity and Access Management (IAM) Identity Management Identity Theft Identity-Based Attacks iMessage Exploit Impersonation Impersonation/Phishing Improper Access Control Improper Authorization Improper Cryptographic Signature Verification Incident Response India Post Impersonation Indonesia Social Media Regulation Industrial Control Systems (ICS) Industrial Control Systems (ICS) Security Industrial Espionage Influencer Marketing Info-Stealer Malware Information Disclosure Information Security Information Stealer Information_Security_Breach InfoStealer Infostealer Malware Infrastructure as Code (IaC) Ingress NGINX Controller Ingress-Nginx IngressNightmare Initial Access Initial Access Broker (IAB) INMemory Web Shell Insecure Default Configuration Insecure Direct Object Reference (IDOR) Insecure Direct Object References (IDOR) Insider Threat Insider Threat Detection Insider Threats Instagram Insufficient Security Measures Intellectual_Property_Rights Inter-Process Communication (IPC) International Cooperation International Fraud Internet Freedom Internet of Medical Things (IoMT) Interpol Interpol Operation Interpol-led Operation INTERPOL-led Operation Intrusion Detection Intrusion Detection Systems (IDS) Investment Scams IOC Analysis IoMT_Vulnerabilities iOS 16 Feature iOS Exploit IoT and OT Security IoT Security IoT_Security IPC iPhone Storage Management IPP Protocol Iran Jailbreaking AI Tools Japan Airlines In-Flight AI JavaScript JavaScript Injection Kaspersky Kernel Exploit Kernel Vulnerabilities Key Encapsulation Mechanisms (KEM) Key Management Knowledge Graphs Known Exploited Vulnerabilities (KEV) Known Issue Rollback (KIR) Kubernetes Kubernetes Security Kubernetes Vulnerability KYC Lack of Transparency Large Language Model (LLM) Lateral Movement Law Enforcement Law Enforcement Collaboration Lawsuit Lazarus APT Lazarus Group Leadership in Cybersecurity Legacy Systems Legal Action Legal Challenges LFI Linux Linux Security Vulnerability LinuxDistributions Living off the land Living off the Land (LOTL) Living off the Land (LOTL) Tactics Living-off-the-land LLMs LNK_Files Local Attack Local Code Execution Local Privilege Escalation Local Vulnerability LockBit Ransomware Log Tampering Loyalty Programs Mac_VPN Machine Learning (ML) Machine Learning Security Operations (MLSecOps) macOS Malware macOS Targeting Mailchimp Malicious AI Tools Malicious Driver Malicious Redirection Malicious Torrent malicious_package Malspam Malvertising Malware Malware Analysis Malware Attacks Malware Campaign Malware Classification Malware Code Signing Malware Deployment Malware Development Malware Distribution Malware Infection Malware_Analysis Malware-as-a-Service (MaaS) MalwareLoader Managed Detection and Response (MDR) Managed Security Services Medusa Ransomware MEDUSA_Ransomware Memory Corruption Messaging_App_Comparison Meta AI Metadata Metadata Lake Metasploit Micropatch Micropatching Microsegmentation Microsoft Microsoft 365 Security Microsoft Account Microsoft Bug Reporting Policy Microsoft Entra ID Microsoft Management Console (MMC) Vulnerability Microsoft Office Microsoft Outlook Bug Microsoft Security Copilot Microsoft Security Products Microsoft Trusted Signing Service Microsoft Windows Microsoft Windows Vulnerability Middle East Cybersecurity Middleware Bypass Middleware Exploitation Middleware Vulnerability Mirai Botnet Mirai-based Botnet Misconfiguration Misinformation Misuse of Communication Tools MITRE ATT&CK MITRE ATT&CK Framework Mobile Banking Fraud Mobile Malware Mobile Messaging Exploitation Mobile Security Model Drift Money Laundering Money_Laundering MSP and Channel Partners Multi-Factor Authentication Multi-Factor Authentication (MFA) Multi-Factor Authentication (MFA) Abuse Multi-Factor Authentication (MFA) Bypass Multi-Factor Authentication (MFA) Failure Multi-platform Narrative Engineering Nation-State Attacks Nation-State Hacking National Security National_Security_Risks Network Security Network Segmentation Next.js Next.js vulnerability Next.js Vulnerability NGINX NGINX Vulnerability NHS Data Compromise NHS Data Security NIST NIST Cybersecurity Framework NIST Standards Nmap North Korea North_Korean_Cybercrime Notification Security NPM Package Compromise npm Registry npm_package_attack NPM_Packages NSA Security Mandates NSExpression NTLM NVD Obfuscation Observability Online Document Platforms Online Grooming Online Privacy Online Scams Online Security Best Practices OnlineChildExploitation Open Redirect Open Redirect Vulnerabilities Open Source Open Source AI and Security Open Source Intelligence (OSINT) Open Source Security Open Source Software Open Source Software Vulnerability Open_Source_Tool Open-Source Tools OpenAI OpenCTI Platform OpenSSL Misconfiguration OpenSSL Vulnerability Operation ForumTroll Operational Disruption Operational Security Failure Operational Technology Operational Technology (OT) Operational_Technology_(OT)_Security OPSEC Failure OPSEC_Failure Oracle Oracle Cloud Security Organized Crime OS Command Injection OT Security Out-of-bounds Read Outdated Software Pakistan-based APT Passkeys Passphrase Password Manager Password Security Passwordless Authentication Patch Management Patch Released Patch Tuesday Updates Pay-Per-Install (PPI) / Malware-as-a-Service (MaaS) Penetration Testing Performance Optimization Persistence Persistence Mechanism PersistenceMechanism Phishing Phishing Attack Phishing Campaign Phishing Detection Phishing Simulation Phishing-as-a-Service (PhaaS) Phishing/Social Engineering PHP Object Injection Phreaking PIPEDA Compliance Pointer Authentication Codes (PAC) Policy and Governance Post-Compromise Breach Simulations Post-Quantum Cryptography Power Grid Disruption Powershell PowerShell Pricing_Comparison Printer Issue Privacy Privacy Concerns Privacy Enhancement Privacy Enhancing Technologies Privacy Protection Privacy Risk Assessment Privacy Violation Privacy-Enhancing Technologies (PETs) Privilege Escalation Privileged Access Management (PAM) Product Comparison Product Review Programming Languages Propaganda Proxy Servers Public Records Public-Private Partnership QNAP Worm Quantum Computing Quantum_Computing Quantum-Resistant Cryptography Quantum-Safe Cryptography RaaS Railways Ransomware Ransomware and Extortion Ransomware Attack Ransomware Attacks Ransomware_Attacks Ransomware-as-a-Service (RaaS) Raspberry Robin RAT (Remote Access Trojan) ReaderUpdate Malware Red Teaming RedCurl Registry Modification Regulatory Compliance Remcos RAT Remcos_Backdoor Remote Access Trojan (RAT) Remote Administration Remote Code Execution Remote Code Execution (RCE) Remote Desktop Remote Desktop Protocol (RDP) Remote Desktop Protocol (RDP) Issues Remote Hacking Remote Remediation Remote_Access_Vulnerability REST Interface Vulnerability Reverse Engineering Reverse Shell reverse_shell Reverse_Shell Risk Management Risk Prioritization ROI (Return on Investment) Romance Baiting Romance Scams Rootkit Router Vulnerability RPipeCommander RSA Innovation Sandbox Finalist RTSP Support Runtime Security Russia Russia's Cyber Activity Russian Hackers Russian Hacking Russian State-Sponsored Attack Russian Threat Actor Russian Threat Actors Russian_Intelligence SaaS Security Sanctions Sandbox Sandbox Bypass Sandbox Escape Sandbox Evasion Sandbox Technology Sandboxing Satellite Cybersecurity Secret Exposure Secure Code Development Secure Email Gateways (SEG) Evasion Security Security Data Management Security Information and Event Management (SIEM) Security Policy Security Research Security Testing Security Tool Disablement Security Update Semiconductors Sensitive Data Exposure Series A Funding Series E Funding Series Funding Series_A_Funding SeriesAFunding Service Disruption Service Outage Session Hijacking Sextortion Shadow IT ShadowPad ShadowPad Backdoor ShadowPad RAT Shared Responsibility Model SharePoint Vulnerability SIEM Signal Signal (Messaging App) Signal Messaging App Signal_Messaging_App SIM Box Fraud SIM Swap Sitecore Small Business Cybersecurity Smart Contract Smart Home Security SMB Vulnerability SME Cybersecurity Smishing SmokeLoader Snowflake SOC (Security Operations Center) Social Engineering Social Engineering Defense Social Engineering Scams Social Media Security Social Media Security Risk Social_Engineering_Prevention SodaMaster Loaders Software Bug/Vulnerability Software Compatibility Issues Software Composition Analysis (SCA) Software Patch Software Supply Chain Software Supply Chain Attack Software Supply Chain Security Software Update Software Updates Software Vulnerabilities Software Vulnerability Solar Inverter Vulnerabilities Solar Power System Vulnerabilities Sophos Sophos X-Ops South Africa Spam Email Spam Prevention SparrowDoor SparrowDoor Backdoor SparrowDoor Malware SpawnChimera Malware Spear Phishing Spear-phishing Splunk Vulnerability Spoofing Spyder Loader Spyware SQL Injection SSH SSH Tunneling SSL VPN SSO Compromise SSRF SSRF Vulnerability State_and_Local_Government_Cybersecurity State-Sponsored APT State-Sponsored Attack State-Sponsored Attacks Static Analysis Static Code Analysis Stealth Mode Steam Account Compromise STIX Student-led SOCs Supply Chain Attack Supply Chain Attacks Supply Chain Security supply_chain_attack Supply_Chain_Attack Supply_Chain_Attacks Surveillance System Monitoring Tools System Recovery Taiwan Targeted Attacks Targeted Phishing Telecom Telecommunications Telegram Terraform Third-Party Apps Third-Party Risk Third-Party Vulnerabilities Threat Actor Collaboration Threat Detection Threat Hunting Threat Intelligence Threat Intelligence Integration Threat Response Threat Response and Automation Threat Simulation TLS Security Tool Bloat Tor Tor Browser Tornado Cash Transparent Tribe Trump Administration Two-Factor Authentication (2FA) Two-Factor Authentication (2FA) Compromise Typosquatting Ubuntu Linux Security UK Information Commissioner’s Office (ICO) Fine Ukraine Unauthenticated Access Unauthenticated Exploitation Unauthenticated Remote Code Execution Unintended Consequences University Cybersecurity US_China_Tech_Sanctions US_Cybersecurity_Policy US_Government_Sanctions USB-Based Attack Use-After-Free User and Entity Behavior Analytics (UEBA) User Experience User Experience (UX) Improvement User Namespaces USPS Scam VanHelsing Ransomware VanHelsingRaaS Veeam Backup and Recovery Venmo Privacy Vishing VMware VMware Vulnerability Volt Typhoon Voter ID VPN VPN_Features VPN_Review Vscode Vulnerabilities Vulnerability Vulnerability Assessment Vulnerability Disclosure Vulnerability Exploitation Vulnerability Management Vulnerability Scanning Weak Password Requirement Web Application Security Web Interface Vulnerability Web Scraping Web Security Web Shell Webinar WebP Vulnerability Webshell Website Compromise Website Defacement WhatsApp Whistleblower Lawsuit White House IT Windows Windows 10 End-of-Life Windows 11 Windows 11 24H2 Windows 11 Bugs Windows 11 Update Windows Exploitation Windows Malware Windows Recovery Environment (Windows RE) Windows Security Windows Server Windows Server 2025 Windows Specific Windows Task Scheduler Windows Update Windows Update Bug Windows Updates Windows Vulnerability Wire Fraud Wireless Hotspot Vulnerability WordPress WordPress Exploitation WordPress Vulnerability Workflow Automation Workforce Development XSS Attacks XWiki Vulnerability XXE Zero Trust Zero Trust Security Zero-Click Exploit Zero-day Zero-Day Zero-day Exploit Zero-Day Exploit Zero-day exploits Zero-Day Exploits Zero-Day Vulnerability Zyxel CPE Compromise Zyxel CPE Routers
Categories All Ad Security Advanced Persistent Threat (APT) Advanced Persistent Threat (APT) Analysis Advanced Persistent Threats (APTs) Advanced_Persistent_Threats AI and Emerging Technologies AI and Machine Learning Security AI Cybersecurity AI in Cybersecurity AI in Messaging AI in Mobile AI in Various Industries AI in Various Sectors AI Security AI Security and Risk Management AI Security Best Practices AI Security Research Funding AI Security Solutions AI Security Threats and Mitigation AI System Security AI_in_Cybersecurity AI_Security_Technology AISecurityTechnology Alert Prioritization and Response API Security Best Practices Application Security Application Security Risk Management APT Analysis APT Attacks APT Group Activity APT Group Analysis APT Mitigation APT_Campaign_Analysis Artificial Intelligence in Cybersecurity Authentication and Authorization Authentication Methods AWS Shared Responsibility Biometric Security Biometric Technology Botnet Analysis Browser Security Browser Security and Privacy Bug Bounty Program Enhancements Bug Bounty Programs Business and Finance Business Continuity and Disaster Recovery Business Impact of Cybersecurity CA/Browser Forum Standards Civil Liberties Cloud Security Cloud Security Breaches Cloud Security Incidents Cloud Security Posture Management (CSPM) Cloud Security Risk Assessment Cloud Security Risks and Mitigation Cloud Security Solutions and Mitigation Strategies Cloud Security Threats Cloud Security Threats and Vulnerabilities Cloud Security Tools Compliance and Regulation Compliance and Risk Management Consumer Cybersecurity Consumer Electronics Consumer Electronics Reviews Consumer Privacy and Security Container Security Corporate Governance and Financial Crisis Cost Management in Cybersecurity Cost Optimization Cost-Effective Cybersecurity Solutions Counterfeit_Product_Combating_Strategies Critical Infrastructure Critical Infrastructure Cyberattacks Critical Infrastructure Protection Critical Infrastructure Security Cryptocurrency Crime Cryptocurrency Crime and Security Cryptocurrency Regulation Cryptocurrency_Security Cryptography Cryptography and Key Management CVE Program Operational Challenges Cyber Espionage Cyber Insurance Best Practices Cyber Threat Intelligence Cyber Threat Intelligence Sharing Cyber Threat Intelligence Sharing and Analysis Cyber_Espionage Cybercrime Cybercrime and Law Enforcement Cybercrime Economics Cybercrime Investigation Cybercrime Investigations Cybercrime News Roundup Cybercrime Prosecution Cybercrime Tactics and Techniques Cybercrime Tools and Techniques Cybercrime Trends Cybercrime Trends and Statistics Cybercrime Trends and Tactics Cybercrime Types and Techniques Cybersecurity Cybersecurity (Tangential) Cybersecurity Awareness Cybersecurity Awareness and Prevention Cybersecurity Awareness Training Cybersecurity Best Practices Cybersecurity Careers Cybersecurity Challenges and Solutions Cybersecurity Compliance and Regulation Cybersecurity Defenses Cybersecurity Education and Training Cybersecurity Efficiency and Productivity Cybersecurity Firm Collaboration Cybersecurity Funding Cybersecurity Funding and Investment Cybersecurity Funding and Policy Cybersecurity Incident Response Cybersecurity Incident Response and Recovery Cybersecurity Incidents Cybersecurity Incidents and Response Cybersecurity Investigations Cybersecurity Leadership and Team Building Cybersecurity News Cybersecurity News Roundup Cybersecurity Operations Cybersecurity Operations (SecOps) Cybersecurity Practices and Strategies Cybersecurity Risk Mitigation Cybersecurity Risks and Mitigation Cybersecurity Solutions Cybersecurity Standards Cybersecurity Strategy & Leadership Cybersecurity Testing and Assessment Cybersecurity Threat Detection and Prevention Cybersecurity Threat Intelligence Cybersecurity Threat Landscape Cybersecurity Threats and Attacks Cybersecurity Threats and Vulnerabilities Cybersecurity Training and Awareness Cybersecurity Workforce Development Cybersecurity_Best_Practices Cybersecurity_Funding Cybersecurity_Policy_Analysis CybersecurityFunding Data Analytics Data Backup and Recovery Data Breach Incident Response Data Breach Response Data Breaches & Vulnerabilities Data Breaches and Leaks Data Leakage Data Management Data Privacy Data Privacy and Security Data Protection Data Protection and Backup Strategies Data Protection and Privacy Data Protection and Security Data Security Data Security and Privacy Data Security and Privacy in the Context of Bankruptcy Data Security and Protection Data Security Incident Response Data Security Incidents Data Theft Data_Security_and_Privacy Database Security DDoS Attack Analysis DDoS Prevention and Mitigation Deepfake Detection and Prevention Deepfake Technology and Creation Deepfake-Related Cyberattacks Defensive Security Developer Security Digital Forensics and Investigation Disinformation Detection and Defense DNS Security Domain Security Best Practices Election Infrastructure Security Election Law and Policy Email Security Embedded Device Security Emerging Cybersecurity Technologies Emerging Technologies and Cybersecurity Emerging Threats Emerging Threats and Vulnerabilities Endpoint Security Enterprise Security Executive Security Exploit Analysis Exploit Development Export_Controls_and_Sanctions Financial Crime Financial Cybercrime Financial Cyberthreat Trends Financial Fraud Financial News Financial Services Security Fintech Fraud Prevention Geopolitical Cyber Espionage Geopolitical Cyber Threats Geopolitical Cyber Warfare Geopolitical Cybersecurity Geopolitical Implications (Russia) Geopolitical_Cyberattacks Geopolitical_Cybersecurity Geopolitics GitHub Ecosystem and Tools Governance, Risk, and Compliance (GRC) Government and Politics Government and Regulatory Response Government Cybersecurity Government Cybersecurity Compliance Government Cybersecurity Initiatives Government Cybersecurity Policy Government Cybersecurity Strategy Government Data Security Government Regulation Government Regulation of Technology Government Surveillance Government_and_Regulation Government_Cybersecurity Governmental Affairs Governmental Crypto Regulation Hardware Reviews Hardware Security Healthcare Cybersecurity Healthcare Cybersecurity Risk Management Healthcare Data Breach Healthcare Data Privacy Healthcare Data Security Healthcare_IT_Security Higher Education Cybersecurity History of Hacking HTTP Header Security IaC Security ICS Cybersecurity Identity and Access Management (IAM) Identity Protection Incident Response Industrial Control System (ICS) Security Industrial Control System Security Industrial Control Systems (ICS) Security Industrial Cybersecurity Information Privacy Information Security Insider Threat Prevention Insider Threats Intelligence Community Failures International Cybercrime Cooperation International Law Enforcement Cooperation International Relations IoMT_Security iOS Tips and Tricks IoT Device Hacking IoT Device Security IoT Security IoT_Device_Vulnerabilities IoT_Security IoT/OT Security IT Management Kernel-Level_Malware Key Management and Encryption Kubernetes Security KYC/AML Compliance Law Enforcement Law Enforcement and Cybercrime Law Enforcement and International Cooperation Law Enforcement Response Legal and Regulatory Compliance Legal Dispute Legal_and_Regulatory_Frameworks Linux Security Linux Security and Privacy Linux System Administration Machine Learning for Cybersecurity macOS Security Malware Analysis Malware Analysis & Threat Intelligence Malware Detection Malware Detection and Prevention Malware Mitigation Malware_Analysis MalwareAnalysis Market Analysis Messaging App Security Messaging_App_Security_and_Privacy MFA and Authentication Mitigation and Remediation MLSecOps Implementation Mobile Device Security Mobile Malware Analysis Mobile Messaging App Security Mobile Security Mobile Threat Analysis Mobile Threat Research Multi-Factor Authentication Security National Security National_Security Network Security Network Security Incident Network Security Risk Assessment Network Security Solutions Notification Channel Security Online Child Exploitation Online Gaming Security Online Piracy and Malware Open Source Cybersecurity Tools Open Source Security Operating System Security Operational Technology (OT) Security Organized Crime and Cybercrime Password Management Patch Management Penetration Testing Penetration Testing Services Personal Data Protection Phishing and Social Engineering Phishing Attack Analysis Phishing Attacks Phishing Campaigns Phishing Prevention Phishing Prevention and Awareness Phishing Threat Landscape PKI Policy Analysis Post-Quantum Cryptography Privacy and Data Protection Privacy and Surveillance Privacy Law and Regulations Privacy vs. Transparency Privilege Escalation Privileged Access Management (PAM) Proactive Cybersecurity Defense Product Announcement Product Announcements Quantum Computing Threat Ransomware Analysis Ransomware and Advanced Persistent Threats Ransomware and Data Breach Response Ransomware Attacks Ransomware Tactics and Techniques Ransomware Threat Analysis Ransomware_in_Healthcare Ransomware-as-a-Service (RaaS) Regulatory Compliance Reverse Engineering Risk Management SaaS Security Sandbox Security Security Advisories Security Awareness Security Awareness Training Security Best Practices Security Incident Response Security Operations Security Operations Center (SOC) and IDS Security Operations Optimization Security Testing and Evaluation Security Tools Semantic Technologies in Cybersecurity SIEM and AI Integration Smart Home Technology Social Engineering Social Engineering and Human Element Social Media Security Software and Hardware Security Software Bug/Technical Issue Software Development Practices Software Patch Management Software Security Software Supply Chain Attacks Software Supply Chain Security Software Update Issues Software Updates and Deployment Software Updates and Features Software Vulnerabilities Software Vulnerability Software Vulnerability Analysis Software Vulnerability and Patching Software Vulnerability Disclosure Software Vulnerability Management Software_Supply_Chain_Security State-Sponsored Attacks Static Analysis Techniques Streaming Media Supply Chain Security System Administration System Performance and Optimization Targeted Attacks Technical Analysis Telecom Security Telecommunications Sector Attacks Third-Party Risk Management Third-Party Vendor Management Third-Party Vendor Security Threat Actor Activities Threat Actor Activity Threat Actor Analysis Threat Actor Mitigation Threat Actor Tactics and Techniques Threat Actor Tracking Threat Analysis Threat Detection and Mitigation Threat Detection and Response Threat Hunting Threat Hunting Strategies and Techniques Threat Intelligence Threat Intelligence & Risk Management Threat Intelligence and Analysis Threat Intelligence and Research Threat Intelligence and Response Threat Intelligence Platforms Threat Landscape Threat Mitigation Threat Modeling and Simulation Threat Research Threat_Intelligence ThreatIntelligence Tool Comparison Unexpected_Malware_Vectors User Experience (UX) in Cybersecurity User Interface/User Experience (UI/UX) Design User Privacy Virtualization Security VPN Services VPN_Service_Comparison Vulnerability Analysis Vulnerability Analysis & Disclosure Vulnerability Analysis and Exploitation Vulnerability Analysis and Penetration Testing Vulnerability Analysis and Remediation Vulnerability Assessment and Remediation Vulnerability Disclosure Vulnerability Disclosure and Analysis Vulnerability Disclosure and Coordination Vulnerability Disclosure and Exploitation Vulnerability Disclosure and Patching Vulnerability Disclosure and Remediation Vulnerability Exploitation Vulnerability Management Vulnerability Management Strategies Vulnerability Mitigation and Patching Vulnerability Prioritization Vulnerability Research Vulnerability Research and Exploitation Vulnerability_Management Web Application Security Web Browser Comparison Web Browser Security Web PKI Security Web Security Website Security Whistleblower Protection Windows 11 Compatibility Windows Operating System Windows Security WordPress Security Workforce Security
Threat Actor All $$$ 17-year-old with ADHD 8Base advanced nation-state actors Agent Tesla AI-Nomis Akira Akira Ransomware Albabat ransomware Alexander "Connor" Moucka Alexander Moucka ALPHV BlackCat ALTDOS/mystic251/DESORDEN/GHOSTR/0mid16B AO Kaspersky Lab Appalling criminal gangs APT Actor (Operation ForumTroll) APT Group (Unspecified) APT Groups APT28 APT29 APT31 APT34 APT36 Aquatic Panda AresLoader Actors Arkana Arkana Security Atlantis AIO developers/operators Atlantis AIO operators Attackers (Broadcom vulnerability) Attackers (Zombie Zero) Author of the Article Babuk2 (aka Babuk-Bjorka) Bad Actor BianLian BitStealer Black Basta BlackCat/ALPHV BlackLock BlackLock Ransomware BlackSuit C10p Cadet Blizzard Cameron Wagenius Capital One Hacker China China Mobile International USA China Mobile International USA Inc. China Telecom China Telecom (Americas) Corp. China Unicom (Americas) China Unicorn (Americas) Operations Limited China-linked threat actor Chinese Government Chinese Operation Chinese state hackers Chinese-speaking scammers Cl0p CL0P ClipBanker CliptoShuffler Cloak Cloak ransomware group Clop Clop Gang Com networks Connor Moucka CosmicBeetle Counterfeiters Criminals Crocodilus Malware Author Crocodilus Operators Crypt Ghouls CVLT Cyber attackers Cyber Av3ngers Cyber crooks Cyber fraudsters Dahua Technology Dahua Technology Company Dark Storm Team DEV-0206 DollyWay Donald Trump DPRK DragonForce Dridex Earth Estries EGodly El Dorado Elephant Beetle Embargo EncryptHub Enemy European bots Evil Corp (DEV-0243) Ex-spouses ExCobalt FakeApp Developers FamousSparrow Fauppod FIN11 FIN7 FishMonger Foreign intelligence services Fraudsters Gamaredon GenNomis GitHub Action Compromisers GorillaBot Grandoreiro Grandoreiro_operators GRU Unit 29155 Hacker groups Hacktivists Hangzhou Hikvision Digital Technology Hangzhou Hikvision Digital Technology Company Harpa AI Head Mare Hellcat ransomware group Heracles Actors Huawei Huawei Technologies Company Hytera Communications Corporation Ibiza99 INDOHAXSEC IndusInd Bank Malware Authors Initial Access Broker Groups initial access groups Interlock Ransomware group Iran iSoon Jeandiel Serrano John Binns Kimsuky Konni Lace Tempest (TA505) Lazarus Lazarus APT Lazarus Group Loan App Scam Actors LockBit Malone Iam Malvertising Campaign Actors Malware peddlers Mamona Mamont Mamont Trojan Developers Masters of Mayhem MaxAI Medusa Medusa ransomware Medusa Ransomware Members of Elon Musk's Department of Government Efficiency (DOGE) team Merlin Miscreant Mora_001 Morphing Meerkat nasty threat actors Nation-state actors Nation-state hackers Nemesis Network-adjacent attackers Nigerian Cyber Fraud Rings Nitrogen Ransomware group NoName057(16) North Korean hackers North Korean national NSO Group NSW Court Data Leaker Online trolls Operation ForumTroll Operation Zero OPERATOR PANDA Oracle Cloud Breachers Organized crime gangs in West Africa and Southeast Asia Pacific Networks Corp and ComNet (USA) LLC Pacifica Networks People's Republic of China (PRC) Persistent adversaries Physically Present Attacker Play President Trump Pro-Russian actors Qilin Qilin Ransomware QuadSwitcher RansomHouse RansomHub RansomHub affiliate Ransomware actors Ransomware Actors Ransomware cartels Ransomware gangs Ransomware group Ransomware groups Raspberry Robin ReaderUpdate Actors ReaderUpdate operators RedCurl relatively inexperienced threat actors Remote Attacker Remote attacker (Google Chrome vulnerability) REvil Rhysida Roddux Romance Baiting Operators RomCom rose87168 Russia Russian hackers Russian Intelligence Russian Intelligence Services Russian military intelligence Russian nationals Russian Ransomware Gang Russian state-sponsored group Rwanda Gambling Scam Network Rwandan Social Engineering Scam Group Salt Typhoon Sandworm Scammers Scattered Spider ShinyHunters SideCopy Sider Silk Typhoon Silk Typhoon (formerly Hafnium) SIM Box Fraud Ring Members Smart Attacker SmokeLoader Developers SocGholish Social Design Agency (SDA) South African SIM Box Fraud Group Stalkers State-linked actors state-sponsored attackers State-sponsored threat actor (Russia) State-sponsored threat actors and cybercrime groups from North Korea, Iran, Russia, and China Storm-1674 Storm-1811 Storm-2077 Suspected state-sponsored APT group sybra Threat Actor (TA) Threat Actors behind PJobRAT campaigns Threat Actors with links to Russian hacktivism Threat Actors with Links to Russian Hacktivism Transparent Tribe Turkish-speaking developer Twelve UAT-5918 Ukraine Railway Attackers Unauthenticated Attacker Unauthorized Actor Unauthorized AI Crawlers UNC2465 UNC3886 UNC4841 UNC5221 UNC5337 Unknown Actor(s) behind ahban.shiba and ahban.cychelloworld extensions Unknown Actor(s) Behind Steam Phishing Campaign Unknown Actor(s) behind typosquatting Maven package Unknown APT Group Unknown Cybercriminals Unknown Developer(s) Unknown Phishing Actors VanHelsing VanHelsing RaaS operators VanHelsing RaaS Operators VanHelsing ransomware operation VanHelsingRaaS Operators Veer Chetal VexTrio victim Volt Typhoon Water Gamayu Water Gamayun Weaver Ant XinXin Zambia Phone Hackers Zambian Malware Attack Syndicate ZTE ZTE Corporation
Actor Aliases All $$$ 0mid16B 2ft2dKo28UazTZ AbyssWorker Adem adfoster-r7 ALTDOS Andariel APT-C-01 APT-Q-20 Aqua Blizzard Aquatic Panda Arkana Security Armageddon Armoury Axun Information Technology Babuk-Bjorka Betruger Big Balls bigballs Bill Borguiann Black Technology BlackLock BlackSuit BLASTPASS Blue Otso BlueAlpha Box bwatters-r7 Catist China Chopper CoffeeLoader cold-try CTAG DESORDEN DOGE Dolittle DOLITTLE Doppelgänger Drag-and-Drop Drag-on Drop DragonDrop DragonForce e2002e Earth Kapre EDRKillShifter Eldorado Ellyel8 Emerald Sleet Emmanuel Goldstein EncryptRAT Evilginx FakeUpdates Flax Typhoon FlowerStorm Fraudsters Free Russia Legion Freedom of Russia Legion Genieo Ghost Emperor GhostEmperor GHOSTR Greavys GreenSpot hacker Helix Kitten Hikki-Chan Hive0051 HolyPryx iLrmKCu86tjwp8 INMemory internet hoodlum Iron Tilden jheysel-r7 Joseph O'Connor Judische Kiberphant0m Kimsuky Larva-208 LARVA-208 LosPollos Mambe2FA Mamona MaxOfferDeal MEDUSA ransomware miscreant mmvojwip Moonstone Morphing Meerkat msutovsky-r7 MuddyWater mystic251 nbwdv.sys Nima Fazeli North Korean Lazarus hackers OilRig Operation ForumTroll Operation Undercut OrpaCrab Pig Butchering Poison Cloud Vine POTUS Primitive Bear Pryx QNAP worm QWCrypt RaccoonO365 RansomHub Red Wolf Resurge RESURGE Rey Rob T Firefly rose87168 Roshtyak Russian Volunteer Corps rz Saif Salt Typhoon Scammers ScarCruft Shuckworm SideCopy Silver Toucan SmokeLoader SocGholish SparrowDoor SPAWN SpawnAnt SpawnChimera SPAWNCHIMERA SpawnMole SpawnSloth SPAWNSLOTH SpawnSnail ssd-disclosure StilachiRAT Storm-0856 SuperBlack SYSTEM CHECK ThinkingOne Threat actors Tornado Cash TraderTraitor trafficredirect (Telegram Channel) Transparent Tribe Trident Ursa Tycoon2FA UAC-0010 UNC530 UpdateAgent VirtualPie VirtualPita Volt Typhoon Voltzite Waifu Water Gamayu Water Gamayun Weaver Ant White Bat White Dolphin White Rhino WikiKit Winterflounder Wiz WizardUpdate WormGPT would-be thief Yahoo Boys zeroSteiner zhero תמיר כץ
Exploit Method All .lnk file abuse .lnk File Abuse 2023 Data Breach 23andMe Data Breach 23andMe Data Breach October 2023 2FA_Hijacking_via_Setup_Guide Aadhaar Data Leak Abuse of .NET MAUI for Malware Distribution Abuse of Compromised Systems Abuse of Microsoft Trusted Signing Service for Malware Code Signing Abuse of Presidential Authority to Remove FTC Commissioners AbyssWorker Driver Exploit ABYSSWORKER Driver Exploit Accessibility Service Abuse Accessibility Service Exploitation Accidental Addition of Unauthorized User to Secure Communication Channel Accidental Addition to Sensitive Signal Group Chat Accidental Data Deletion Accidental Group Chat Addition Accidental Inclusion in Sensitive Conversations Accidental Shutdown of R2 Gateway Account Takeover (ATO) Account Takeover through Phishing Account Takeover using Headless Browsers and Automation Tools Acquisition of US Technology for Military Applications Advanced Persistent Threat (APT) Attacks Adversarial Attacks Adversarial Attacks on AI Systems Adversarial Inputs Adversarial Manipulation of Training Data Adversary-in-the-Middle Attack AI Agent Failure to Detect Threats AI Agent Manipulation AI Crawler Exploitation AI-as-a-Service (AIaaS) for Malicious Activities AI-assisted code generation for penetration testing AI-enhanced Social Engineering AI-Generated CSAM Creation and Distribution AI-modified videos and impersonation of legitimate media outlets AI-powered Deepfakes AI-powered Phishing AI-powered Social Engineering for Online Fraud AirHopper Albabat Ransomware GitHub Configuration Retrieval AMSI Bypass AmsiScanBuffer Overwrite and Privilege Escalation in IoT Devices and Unhosted Wallets and Wallet Abuse in Gen-AI Android 13+ Bypass Android App with Malicious Permissions Android malware campaigns using .NET MAUI to evade detection Android Phishing Exploit (IndusInd Bank App Mimicry) AndroidManifest.xml Manipulation AndroidManifest.xml_Bloating Ansible SSH Privilege Escalation Ansible Vault Misconfiguration Leading to Credential Exposure AOL 800 Number Credit Card Exploit Apache Tomcat Flaw Apache Tomcat RCE Vulnerability Apache Tomcat RCE Vulnerability Exploit AppleDouble File Handling Application Bypassing IP Restrictions April 2024 Zero-Day Exploit Arbitrary Code Execution via Malicious File Upload Arbitrary File Upload Arbitrary NGINX Configuration Injection Arbitrary Nginx Configuration Injection and Remote Code Execution AresLoader Malware-as-a-Service AresLoader Malware-as-a-Service (MaaS) Arkana Group's Attack on WideOpenWest (WOW!) Arkana Ransomware Exploit Ascom Cyberattack ASP.NET ViewState code injection AT&T User-Agent Header Exploitation Atlantis AIO for Credential Stuffing and Brute-Force Attacks Attackers can bypass middleware auth checks by exploiting critical Next.js flaw Authentication Anomalies Authentication Bypass Authentication bypass CVE-2025-22230 impacts VMware Windows Tools Authentication bypass impacting VMware Windows Tools Authentication bypass impacts VMware Windows Tools Authentication bypass in VMware Windows Tools Authorization Bypass via x-middleware-subrequest Header Manipulation Authorization/Rewrite Bypass Automated Phishing Attack with OTP Relay Autonomous Chaos AWS KMS Key Compromise AWS PowerUserAccess Privilege Escalation BadUSB Malware Base64-Encoded .NET Web Shell Delivery BGP Hijacking BGP Hijacking Leading to Fraudulent Certificate Issuance Billion_Laughs_DoS Biometric Spoofing and Deepfake Attacks Black Basta Ransomware Attack Black Screen Overlay Attack BLASTPASS Bootloop Exploit via Unpatched Buffer Overflow Vulnerabilities Brainfuck Interpreter in Grip Virus Brand Impersonation in Google Ads Bring Your Own Vulnerable Driver (BYOVD) Broken User-Device Association Logic Browser Extension Repurposing Browser Fingerprinting Evasion Browser Syncjacking Browser-in-the-Browser (BitB) Phishing Browser-in-the-Middle (BitM) Attack Brute Force Attack Brute-Force Password Attacks Business Email Compromise (BEC) BYOVD (Bring Your Own Vulnerable Driver) Bypass CAPTCHAs Bypass via aa-exec Bypass via busybox Bypass via LD_PRELOAD Bypassing Cloud Dependency Exploit Bypassing Existing White House Security Controls BypassNRO.cmd script exploitation California Cryobank Data Breach Call Stack Spoofing Cambridge Analytica Data Harvesting CAPTCHA Bypass Cellebrite zero-day exploit Cellebrite Zero-Day Exploit ChatGPT Payment Data Leak ChatGPT SSRF bug ChatGPT SSRF Bug China Chopper web shell China Chopper Web Shell China Chopper Web Shell Deployment China Chopper Web Shell Exploitation China-linked hacking of US telecoms firms Chisel for Tunneling/RDP Access Chrome Sandbox Bypass Exploit Chrome Sandbox Escape Zero-Day cimfs.sys Local Privilege Escalation Circumvention of Public Records Laws through Encrypted Messaging Citrix Component Blockage of January 2025 Windows Security Update Citrix Session Recording Agent (SRA) Vulnerability Classic Outlook Crash Exploits Clearview AI Data Scraping Cleo File Transfer Software Exploit ClickFix Client-Side Authentication Vulnerability Cloak Ransomware Clop Ransomware Exploitation of Zero-Day in Cleo Software CLOUD Act Data Subpoena Cloud_Snapshot_Export_Exploit Cloud_Storage_Object_Download_and_Deletion_Exploit Cobalt Strike Abuse CoffeeLoader's GPU-based packing and call stack spoofing CoffeeLoader's HTTPS communication with certificate pinning CoffeeLoader's persistence mechanism via Windows Task Scheduler CoffeeLoader's Sleep Obfuscation CoffeeLoader's use of Windows Fibers Color Calibration Matching Command Injection Compromise of Oracle Cloud SSO Endpoint Compromise of Zyxel CPE Routers Compromised Credentials and RDP Exploitation Compromised Credentials Exploitation Compromised Customer Credentials Exploit Compromised Legitimate Domains for Phishing Compromised WordPress Sites for Redirection Container Escape via Device Access and DMA Attacks Content Security Policy (CSP) Bypass Coordinated Inverter Power Modulation Attack Creation of a text file on a public-facing Oracle server Credential Disclosure via Insecure Client-Side Handling Credential Disclosure via Insecure Storage Credential Harvesting with Mimikatz Credential Leakage Scanning Credential Stuffing Credential Stuffing via Atlantis AIO Credential Stuffing with Atlantis AIO Multi-Checker Credential Stuffing/Reuse Credential Stuffing/Valid Account Leverage Credential_Harvesting_through_Fake_Security_Warnings Cross-Chain Swaps Cross-platform JavaScript stealer Cross-Prompt Injection Cross-Site Scripting (XSS) in Growatt Products CrowdStrike Update Failure CrushFTP Unauthenticated HTTP(S) Port Access CSPT->JSONP->XSS CSPT->Open Redirect->XSS CSPT2CSRF CSS evasion tactics in spam emails CSS Evasive Phishing CSS-based evasive phishing CSS-based Evasive Phishing Custom Backdoors (Veaty, Spearal) Custom wmiexec Variant for Lateral Movement CVE-2025-1974 Exploit Dangling Commit Exploit Data Aggregation and Merging Data and Identity Theft Data Breach Data Breach December 2023 Data Breach Exploitation of Distressed Assets Data Breach through Inadequate Redaction and Release of JFK Files Data Breach via Unauthorized File Download Data Breach via Unknown Means Data Collection and Third-Party Sale Data Exfiltration during Layoffs Data Leakage Data Leakage via Unsecured GenAI Apps Data Loss in Google Maps Timeline Data Poisoning/Model Manipulation/Data Leakage Data Scraping Data_Exfiltration DDoS Attacks Decrypt Later Deepfake Attacks Deepfake Social Engineering and Financial Fraud Deepfake-based Fraud Deepfakes and AI-Fueled Attacks Default Password Authentication Bypass Denial of Service (DoS) and Remote Code Execution (RCE) in Sungrow Products Denial of Service via Repeated Restarts Denial-of-Service (DoS) via Cache Poisoning DFSCoerce Digital Fingerprinting Direct Label Copying Disinformation Campaign Targeting 2024 Elections DLL Side-Loading DLL Side-Loading via ADNotificationManager.exe DLL Side-Loading via Screensaver in IMG File DLL side-loading with renamed Microsoft Office IME executable DLL Sideloading DLL Sideloading via Adobe Executable DNS Attacks (Sitting Ducks) DNS MX Record Abuse for Phishing Page Delivery DNS MX Record Exploitation (Morphing Meerkat) DNS MX Record Exploitation for Phishing DNS MX Record Exploitation for Targeted Phishing DNS MX Record Spoofing for Phishing DNS Tunneling DocuSign_Link_Expiration_Exploit Domain Hijacking Domain Hijacking of microsoftstream.com Domain name registration to mimic Western news outlets DOMPurify Bypass Drive-by Compromise via Phishing Email E-ZPass Phishing via SMS Easy Anti-Cheat Incompatibility EDR Kill Chain Disruption EDRKillShifter Email Account Compromise Email Account Hacking Encrypted Socket Communication End Run Around FCC Prohibitions Equifax Data Breach Exploit Eramba Authenticated Remote Code Execution EventLogCrasher Evilginx AitM Attack Evilginx Attack Excessive and Random Permissions in AndroidManifest.xml Expired Domain Takeover Exploit of a NIST Post-Quantum Cryptography Algorithm Finalist Exploit of Current Encryption Protocols by Future Quantum Computers Exploit of N-day Vulnerabilities Exploit of Unpatched Cisco Devices by Salt Typhoon Exploitation of End-of-Life Devices Exploitation of Fortinet Firewall flaws Exploitation of Known Exploited Vulnerabilities Exploitation of Known Exploited Vulnerabilities (KEVs) Exploitation of Misconfigured HMI Systems in Water Facilities Exploitation of new Apache Tomcat flaw Exploitation of Outdated High-Risk Applications Exploitation of outdated Microsoft Exchange and Windows Server endpoints Exploitation of recently disclosed Palo Alto Networks PAN-OS firewalls bug Exploitation of Unpatched Vulnerabilities Exploitation of Vulnerabilities in the Wild Exploiting Device Driver or Firmware Vulnerabilities Exploiting Insecure Notification Protocols Exploiting Pioneer DMH-WT7600NEX Car Infotainment System Exploiting Third-Party Notification Service Vulnerabilities Exposure of Personal Information of US Security Officials Exposure of Venmo Accounts Extortion Facial Recognition System Bias Fake DeepSeek Ads Malware Fake DeepSeek Google Ads Fake Google Ads Leading to Malware Download Fake Online Storefronts and Seller Profiles FakeApp Malware Campaign False NIST SP 800-171 Self-Assessment Faulty CrowdStrike Driver Update Exploit File Upload to Oracle Cloud Financial Fraud Find My Network Exploitation Forced Browsing Vulnerability (Footage Manipulation) FORCEDENTRY ForumTroll Exploit Fraud Attacks Targeting Financial Institutions Free Online File Converter Malware FreeType Zero-Day FreeType Zero-Day Exploit Frustration-Based Bug Report Sabotage Gemini AI Abuse by Hackers Geo-Fencing GitHub Action Compromise GitHub Action Supply Chain Attack GitHub Action Supply Chain Breach GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi Google Chrome Zero-day Exploit Chain Google Forms Abuse for Data Exfiltration Gootloader Malware Delivery via Fake File Converter GPS Jamming GPS Spoofing Grandoreiro Banking Trojan Grandoreiro Banking Trojan Phishing Campaign Growatt Account Hijacking Growatt and other Vendor Device/Account Takeover Growatt Information Disclosure and Physical Damage Growatt Inverter Cloud-Based Control Hijacking Growatt Inverter Hijacking Growatt Username Enumeration Hacking/Unauthorized Access Hallucination Attacks Hard-coded Credentials Authentication Bypass Hardcoded AWS Key Exploit Harmful Content Generation Harvest Now Heap Corruption via Maliciously Crafted HTML Hidden Privilege Escalation Hijacked Iraqi Government Email Addresses Home Network Deception IAM_Token_Harvesting_and_Remote_Command_Execution Identity Theft Identity Theft and Fraudulent Use of Stolen Identity Document IDOR Access Control Vulnerabilities IDOR Exploit for Database Access Iframe Injection and JavaScript Redirection IIS Web Shell Exploit IIS Webshell Exploit Immersive World LLM Jailbreak Impossible Travel Logins Improper Group Management in Signal Improper Privileged Access Grant Improper Use of Signal for Classified Information Inadequate Vulnerability Scanning and Patch Management Inappropriate Personal Information Collection in Apps and Services Incorrect Credential Rotation Indirect Prompt Injection Attacks Indirect Prompt Injections Ineffective Traditional DLP Methods Info-stealer Malware Exploit Information Disclosure via Splunk Secure Gateway Information Stealing Malware on StreamElements Employee Machine Ingress NGINX Controller Vulnerabilities IngressNightmare IngressNightmare Arbitrary Nginx Configuration Injection IngressNightmare Exploit Chain IngressNightmare Exploits IngressNightmare NGINX Vulnerabilities IngressNightmare_Exploit INMemory Custom Web Shell INMemory web shell INMemory Web Shell INMemory Web Shell Deployment and Execution Insecure Code Leading to Attacks Insecure Direct Object Reference (IDOR) Insecure Direct Object Reference (IDOR) in Sungrow Products Insecure Password Storage Insider Threat Exploitation via Excessive Data Access Insufficient_VPN_and_other_security_technologies Interlock Ransomware Disguised as Software Updater Invoke-SMBClient with NTLM Hashes IP Spoofing in DDoS Attack IPP Protocol Abuse Jailbreaking of Legitimate AI Tools Lack of Multi-Factor Authentication Large-Scale Multi-Level Cyberattack on Ukrzaliznytsia Lateral Movement Exploit Lateral Movement Post-Initial Breach Lateral Movement using Compromised Credentials Lazarus Group Money Laundering via Tornado Cash Leaked Credentials Exploit LFI_Exploit LFR System Evasion by Covering Faces Living off the land (LotL) techniques Living off the Land (LOTL) Techniques Living off the Land Techniques (Volt Typhoon) Living-off-the-Land (LOTL) Techniques Living-off-the-Land Techniques (LOLBins) LLM Evasion LNK File Execution and PowerShell Downloader Loan App Scam Local File Include (LFI) Exploit Local File Inclusion (LFI) Exploit Local File Inclusion (LFI) on BlackLock Data Leak Site Local Privilege Escalation via Insecure OpenSSL Configuration Local Privilege Escalation via Missing Root of Trust Local Privilege Escalation via OpenSSL Misconfiguration Lua Obfuscation in Flame Malware Lucid Phishing-as-a-Service Mailchimp Account Takeover via Phishing Mailchimp Phishing Attack Malicious Browser Extensions Malicious Document Converter Exploit Malicious free online document converters Malicious Free Online Document Converters Malicious IP Blocking Malicious Link Exploit Malicious Links Compromising Devices Malicious LNK File Exploit Malicious npm Package Installation Malicious Package Update Malicious Torrent Exploit Malicious URL Exploit Malvertising Campaign Using Fake Semrush Ads Malware Malware Distribution via Malicious Links Malware Injection via File Converters Malware Persistence Exploit Malware to Hijack Messaging and Banking Apps Mamont Android Banking Trojan Man-in-the-Middle Attack leveraging unencrypted HTTP Man-in-the-Middle Attacks (mitigated by Private Wireless Networks) Manifest V2 Extension Blocking Manipulating the Device Plugin's Unix Domain Socket Manual Registry Modification Masquerading as Google Chrome Mass Decertification of Voting Machines Medusa Ransomware BYOVD Attack Medusa Ransomware Exploitation of Unpatched Vulnerabilities Medusa Ransomware using ABYSSWORKER Metadata Collection and Sharing in WhatsApp Microsoft Teams Phishing Mirai Botnet DDoS Attack Mirai Botnet Exploiting Edimax Zero-Day Mirai-based Botnet Exploitation Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras Mirai-based botnets exploiting Edimax IP cameras zero-day Misconfiguration Exploit against Telecommunications Company (Weaver Ant) Misconfigurations Exploit Misconfigured Hardware Post-Windows 10 to Windows 11 Migration Misconfigured MS SQL Server Crypto Mining Misleading Domain Registration MMC_MUIPath_Exploit Mobile Banking Fraud and Malicious Messaging App Schemes Model Exfiltration Money Laundering via DeFi Money Laundering via Tornado Cash Morphing Meerkat Phishing Kits Morphing Meerkat phishing kits exploit DNS MX records Morphing Meerkat Phishing Kits exploiting DNS MX records MOVEit Transfer and GoAnywhere Exploits MSC EvilTwin MSHTA Command Execution Multi-layered cyberattack against Ukrzaliznytsia Multi-layered_Encryption_and_Staged_Execution Multi-Stage Dynamic Loading and Encryption Multi-stage Dynamic Loading and Obfuscation Multiple Proof-of-Concept Exploits Next.js middleware authentication bypass Next.js Middleware Authentication Bypass Next.js Middleware Authorization Bypass Next.js Middleware Bypass NIST Cybersecurity Control Gaps Nitrogen Ransomware Abuse of truesight.sys Driver NPM Package Hijacking NTLM Hash Authentication NTLM Hash Exposure via Unpatched Office Flaw NTLM relay attacks NYU Website Defacement OAuth 2.0 Refresh Token Phishing Obfuscation of Malicious Code within .NET MAUI Blobs Obfuscation Techniques in Malware Obfuscation_via_.NET_MAUI_and_Blob_Files Off-Topic Responses One-click phishing attacks exploiting a Chrome zero-day One-day exploits for local privilege escalation Open Redirect Abuse Open Redirect Exploit on AdTech Infrastructure Open Redirect Exploit on Adtech Platforms Open Redirect Exploits on Ad Tech Platforms Open Redirect Vulnerability in AdTech Infrastructure Operation ForumTroll Operation Zero Telegram Zero-Day Exploit OPERATOR PANDA Exploit Chain Opportunistic Attacks on SMEs Oracle Cloud Hack Oracle Cloud SSO Credential Harvesting Oracle Cloud Vulnerability Exploit OS Command Injection Outlook Crash Exploit (Go to Classic Outlook Button) Outlook Drag-and-Drop Exploit Overlay Attack Overly-Privileged Compute Engine Service Account Paragon Partition Manager BioNTdrv.sys driver zero-day Paragon Spyware Exploiting Zero-Click WhatsApp Flaw Pass-the-hash attacks Password Attacks Password Guessing Password Reuse and Sharing Password Reuse and Weak Passwords Pennsylvania State Education Association Data Breach Persistence via Malicious Code Persistent Reverse Shell Injection via Malicious npm Packages Personal Information Exposure via Online Directories PetitPotam Phishing Phishing and 2FA Reset Phishing Attack Targeting Mailchimp Users Phishing Attacks Phishing Attacks Targeting Credentials Phishing Attacks with Malicious Scripts Phishing for Full Credit Card Details Phishing through Malicious Links Phishing through Notification Channels Phishing using OTP Codes Phishing with Double Extensions Phishing with Malicious Attachments Phishing with Malicious LNK Files Phishing_in_MS_Office Phishing_using_legitimate_hosting_services Phishing_via_Fake_Instagram_Alert_and_Chatbot Phishing_via_Trusted_Platforms Phone Service Level Change PJobRAT Android Malware PJobRAT Android RAT PJobRAT Android RAT Exploit Planned Data Deletion Poor Vulnerability Scanning and Inadequate Patch Management Port Scanning Exhaustion Post-Exploitation Techniques PostgreSQL flaw chained with BeyondTrust zero-day Potentially Unsecured MongoDB Instance Powershell Backdoor (Power Service) PowerShell Commands without PowerShell Process PowerShell Downloader and DLL Side-Loading PowerShell-based Ransomware Delivery via Malicious VSCode Extensions PrinterBug/SpoolSample Privilege Escalation via HostPath Mounts and Root Access Privilege Escalation via Misconfigurations Program Compatibility Assistant (pcalua.exe) Execution Prompt Injection Prompt Injection Attacks ProxyLogon Exploit Publicly Available Exploits Targeting Healthcare Organizations Publicly Available Personal Information PWA/WebAPK Phishing Attacks Qilin Ransomware Attack QNAP device compromise Random Text Printing Exploit (Post-Late January 2025 Updates) RansomHub Ransomware and 'Betruger' Backdoor Ransomware Ransomware Attack Ransomware Attack against Astral Foods Ransomware Attack on KLIA Ransomware Attacks Ransomware Attacks on Critical Infrastructure Ransomware Attacks via Third-Party Access Ransomware Exploits Targeting IoMT Devices and Insecure Internet Connectivity Ransomware Exploits Targeting Vulnerable IoMT Devices Ransomware_Infection_via_Malicious_Emails_and_Downloads Rclone for Data Exfiltration RDP Disconnection Exploit RDP Disconnection Exploit (Post-January 2025 Updates) RDP Disconnection Exploit (UDP) RDP Freeze Exploit (Windows Server 2025) ReaderUpdate Malware ReaderUpdate Malware Loader Recursive HTTP tunnel Recursive HTTP Tunnel for Lateral Movement Recursive HTTP Tunnel Tool Recursive Tunneling Remote Access Trojan (RAT) Functionality Remote Code Execution Remote Code Execution via sys ping Command Injection Remote Code Execution via Unauthorized Access in CrushFTP Remote Desktop Freeze Exploit (Post-February 2025 Updates) Remote Encryption Technique Remote Hacking of Inaba Plant Monitoring Cameras Resource Spoofing by Malicious Plugins REST_Interface_DoS RESURGE RESURGE Malware Resurge Malware Deployment Risky Sign-ins Roblox Download Block on Windows ARM Devices Romance Baiting Scam Romance Baiting/Pig Butchering Scam RomCom Exploit Chain Router Manipulation to Cause Network Chaos Rules File Backdoor Rules File Backdoor (AI Code Editors) Rules File Backdoor in AI Code Editors Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks Russian APT Firefox/Windows Zero-Day Chain S3 Bucket Misconfiguration Sandbox Bypass via Mojo Vulnerability Sandbox Escape via Malicious Website Sandbox Escape via Phishing Sandbox Escape via Zero-Day Vulnerabilities in Broadcom Virtual Machine Satellite Control System Compromise Satellite Jamming Satellite Spoofing Scams SCF File NTLM hash disclosure SCF File NTLM Hash Disclosure Search Engine Manipulation for Phishing Semrush Impersonation Scam Sensitive Data Exposure Sensitive Data Exposure (AI) Serial Debugging Shell Access on Withings WBS06 Server-Side Request Forgery (SSRF) Serverless Function Credential Harvesting and Lateral Movement Session Hijacking Sextortion_Social_Engineering Shadow AI ShadowPad Backdoor Signal Group Chat Compromise Signal Group Misinvitation Signal Phishing Exploit SIM Box Fraud SIM Swap Attack SIM Swapping Sleep Obfuscation SMA Sunny Portal .aspx File Upload RCE Smart Coffee Machine Ransomware SMB Exploitation for Lateral Movement SMB Network Spread Smishing_Phishing_Kit_Exploit SMS Phishing with Malware SMS-based MFA Vulnerability Snowflake Data Breach Exploit Snowflake Hack Social Engineering Against AI Agents Social Engineering Scam (Rwanda) Social Engineering Scams Social Engineering Scams (Impersonation) Social Engineering Scams (Phishing) Social Engineering with Fake Gambling Wins Social Engineering with Fake Security Alerts Social Engineering with Generative AI Software Supply Chain Attacks SPAWN (ecosystem) SPAWNCHIMERA SpawnChimera Malware Deployment SPAWNSLOTH Spear Phishing Spoofing Mailchimp Sender Name in Outlook iOS App Spyder Loader and SodaMaster Loaders Exploitation SQL Injection in OEM API SQL Injection with Cobalt Strike Beacon SSH Backdoor Exploit SSH Tunneling SSRF against AWS Metadata Service SSRF_Exploit_via_XXE Stack Overflow in Sungrow Inverters Communication Dongles StilachiRAT Strategic Lawsuits Against Public Participation (SLAPP) Sungrow Hardcoded Password Sungrow Insecure AES Key and AitM Sungrow Inverter Hijacking Sungrow MQTT Vulnerabilities Supply Chain Attack via Compromised GitHub Action Supply Chain Attack via Malicious npm Packages Supply Chain Attacks Suprema Biostar 2 Breach Suspicious Mailbox Activity TCP_Socket_C2_Communication Telegram Exploits Terraform Unencrypted State Files Third-Party Access Exploitation by Ransomware and State-Sponsored Attackers Third-Party Email Provider Misconfiguration Timing Attack against startsWith Tornado Cash Money Laundering TP-Link flaw exploited by Ballista Botnet Tracking Pixels for Targeted Advertising Traditional Pattern Matching and Keyword Limitations Trojan Horse Attack (Simulated) Troy Hunt Phishing Attack Trusted Relationship Attack Typosquatting of Maven Package 'scribejava-core' UAC Bypass UAT-5918 Exploit Unauthenticated Access and Lateral Movement Unauthenticated Access Exploit Unauthenticated Access to BEC Technologies Routers Unauthenticated HTTP(S) Port Access Unauthenticated Oracle Access Manager Compromise Unauthenticated RCE via Misconfigured PostgreSQL Unauthorized Access and Data Manipulation Unauthorized Access by DOGE Unauthorized Access to Sensitive Information via Unsecured Messaging App Unauthorized Access to Third-Party Patient Management Software Unauthorized AI Tool Usage (Shadow AI) Unauthorized Self-Authorization in Salesforce Undisclosed Oracle Cloud Vulnerability Exploit Unencrypted Ansible Playbooks Unknown Exploit Chained with CVE-2025-2783 Unpatched Known Vulnerabilities Unsecured Amazon S3 Bucket Unsecured Data Transmission in Generative AI Browser Extensions Unsecured Database Exposure Unsecured Signal Communication for Sensitive Military Planning Unspecified Atop Exploit Unspecified DrayTek Router Vulnerabilities Unspecified Exploit leveraging CVE-2025-2783 Unspecified SSO exploit URL Redirection Exploit USB_Malicious_Update_Package USB-based propagation using LNK files Use of less common programming languages to evade static analysis Use of Signal for Concealing Government Communications User-Agent Header Injection for RCE VanHelsing Ransomware VanHelsing Ransomware File Extension Mismatch VanHelsing Ransomware SMB Spread VanHelsing Ransomware Stealth Mode VanHelsingRaaS Ransomware Veeam Recovery Media Incompatibility with Windows 11 KB5051987 Update Venmo Data Exposure Venmo Friend List Exposure Venmo Public Profile Exploitation Viasat KA-SAT Satellite Attack ViewState code injection ViewState Code Injection ViewState Code Injection (ASP.NET) ViewState code injection attacks Virtual Machine Vulnerabilities Vishing Vivaldi Browser VPN Limited Scope Volt Typhoon exploiting a year-old firewall vulnerability Volume Shadow Copy Service (VSS) Deletion Weak or Nonexistent Obfuscation Weak Password Exploitation Weak Password Exploitation in MFA Weak Password Requirements and Forced Browsing Weaponization of Federal Funding and Resources Web Shell Deployment on IIS Server Web Shell Tunneling WebKit Flaw WebKit Vulnerability Exploit WebKit Zero-Day Exploit (Apple iOS) WebLogic Zero-Day Exploit Website and Mobile App Denial of Service WEMIX Blockchain Platform Exploit Western Alliance Bank Data Breach Widespread DrayTek Router Reboots Windows 11 24H2 Network Connectivity Issues Windows 11 24H2 Network Visibility Issue Windows Cloud File Mini Filer Driver Heap Overflow LPE Windows Fibers Windows Zero-Day Windows Zero-Day Exploit (Russian Ransomware Gang) WordPress Plugin Injection and Redirect Script X-Middleware-Subrequest Header Manipulation XWiki Search OS Command Injection XXE_Exploit YouTube Link Manipulation ysoserial.exe exploit Zero-day exploits and malicious malware Zero-day Windows shortcut exploit (ZDI-CAN-25373) Zombie Zero
Vulnerabilities All CVE-2015-5177 CVE-2015-5221 CVE-2016-3177 CVE-2017-11882 CVE-2019-9874 CVE-2019-9875 CVE-2020-27212 CVE-2020-8515 CVE-2021-20123 CVE-2021-20124 CVE-2021-26855 CVE-2021-34473 CVE-2021-35587 CVE-2021-44228 CVE-2022-24999 CVE-2022-30190 CVE-2023-34048 CVE-2023-35082 CVE-2023-36255 CVE-2023-38831 CVE-2023-40680 CVE-2023-41061 CVE-2023-41064 CVE-2023-43177 CVE-2023-4863 CVE-2023-49103 CVE-2023-4966 CVE-2023-5123 CVE-2024-10487 CVE-2024-12797 CVE-2024-21894 CVE-2024-25600 CVE-2024-26170 CVE-2024-27564 CVE-2024-27956 CVE-2024-28995 CVE-2024-30085 CVE-2024-37085 CVE-2024-3721 CVE-2024-38812 CVE-2024-38813 CVE-2024-4040 CVE-2024-40711 CVE-2024-4345 CVE-2024-44243 CVE-2024-44276 CVE-2024-4577 CVE-2024-4761 CVE-2024-48248 CVE-2024-49039 CVE-2024-50623 CVE-2024-50685 CVE-2024-50686 CVE-2024-50692 CVE-2024-50693 CVE-2024-50694 CVE-2024-50695 CVE-2024-50698 CVE-2024-54085 CVE-2024-55591 CVE-2024-55963 CVE-2024-55964 CVE-2024-55965 CVE-2024-8353 CVE-2024-9680 CVE-2025-0111 CVE-2025-0282 CVE-2025-0731 CVE-2025-1097 CVE-2025-1098 CVE-2025-1316 CVE-2025-1449 CVE-2025-1974 CVE-2025-20229 CVE-2025-21308 CVE-2025-21377 CVE-2025-22224 CVE-2025-22225 CVE-2025-22226 CVE-2025-22230 CVE-2025-23120 CVE-2025-24472 CVE-2025-24513 CVE-2025-24514 CVE-2025-24517 CVE-2025-2476 CVE-2025-24799 CVE-2025-24813 CVE-2025-24852 CVE-2025-24983 CVE-2025-24993 CVE-2025-25211 CVE-2025-25291 CVE-2025-25292 CVE-2025-26512 CVE-2025-26633 CVE-2025-26689 CVE-2025-26909 CVE-2025-27218 CVE-2025-2762 CVE-2025-2763 CVE-2025-2764 CVE-2025-2765 CVE-2025-2766 CVE-2025-2767 CVE-2025-2768 CVE-2025-2769 CVE-2025-2770 CVE-2025-2771 CVE-2025-2772 CVE-2025-2773 CVE-2025-2783 CVE-2025-2825 CVE-2025-2857 CVE-2025-29927 CVE-2025-30066 CVE-2025-30154 GHSA-6qmp-9p95-fc5f GHSA-7jxf-mmg9-9hg7
MITRE ATT&CK TTP All "context": "The article explicitly describes the exploitation of a publicly exposed application (Ingress-NGINX admission controller) through the injection of malicious ingress objects. This leads to remote code execution (RCE) on the controller's pod due to a vulnerability in the configuration validation process." "contradictions": "None. The article clearly supports this technique." } "During the configuration validation phase "Exploitation for Client Execution: T1203 "independent_analysis": "The vulnerability resides in the public-facing component "When the Ingress-NGINX admission controller processes an incoming ingress object Access control weaknesses Accessibility Service: T1106 allowing remote code execution (RCE) on the Ingress NGINX Controller’s pod."] Application Layer Protocol: T1071 Brute Force Attacks: T1059 by sending a malicious ingress object directly to the admission controller through the network” Cloud Accounts: T1078 Cloud Accounts: T1078.004 Command and Scripting Interpreter: T1059 Configuration Drift: T1562 Content Injection: T1659 Credential from Password Stores: T1555 Credential Harvesting: T1566.001 Credentials from Password Stores: T1555 Data Breach: T1490 Data Breach: T1566.002 Data Encrypted for Impact: T1486 Deobfuscate/Decode Files or Information: T1140 Drive-by Compromise: T1189 Drive-By Compromise: T1189 Email Forwarding Rule: T1114.003 Exploit Public-Facing Application: T1190 Exploitation for Client Execution: T1203 Exploitation for Privilege Escalation: T1068 Exploitation for Remote Code Execution: T1203 Exploitation for Remote Services: T1210 Exploitation of Remote Services: T1210 External Remote Services: T1133 File and Directory Discovery: T1083 HostPath Hardening: T1562 Impair Defenses: T1562 Indicator Removal on Victim: T1070 Indicator Removal: T1070 Ingress Tool Transfer: T1105 Inhibit System Recovery: T1490 Input Capture: T1056 it constructs an NGINX configuration from it and then validates it using the NGINX binary. Our team found a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely Lateral Tool Transfer: T1570 Modify Registry: T1112 Money Laundering: T1071 Native API: T1106 Non-Application Layer Protocol: T1095 Obfuscat ed Files or Information: T1027 Obfuscate Files or Information: T1027 Obfuscate/Decode Files or Information: T1027 Obfuscate/Decode Files or Information: T1140 Obfuscated Files or Information: T1027 Obfuscation Files or Information: T1027 Obfuscted Files or Information: T1027 OS Credential Dumping: T1003 Phishing: T1566 PowerShell: T1059.001 Private Vulnerability Reporting (PVR): T1114.003 Process Injection: T1055 Proxy: T1090 quotes": ["Because the software’s admission controllers are typically exposed to the public internet Ransomware: T1486 Remote Code Execution (RCE): T1021 Remote Code Execution: T1203 Remote Services: T1021 Replication Through Removable Media: T1091 Scheduled Task/Job: T1053 Service Stop: T1489 Shadow IT: T1562 Social Engineering: T1566 Spearphishing Attachment: T1193 Spearphishing Link: T1192 SQL Injection: T1566 Supply Chain Compromise: T1195 System Information Discovery: T1082 the admission controller the injected NGINX configuration causes the NGINX validator to execute code they are at “critical risk” of attack" Trusted Relationship: T1199 ttp": { "items": { "Exploit Public-Facing Application: T1190 Unsecured Credentials: T1552 Valid Accounts: T1078 Vishing: T1566 Weak Password Requirement: T1552 which processes incoming requests. Malicious requests leverage a flaw in the NGINX configuration validation to execute arbitrary code. The public exposure is a critical element enabling the attack." Windows Command Shell: T1059.003 Windows Management Instrumentation: T1047
Exploited Software All .NET MAUI .NET web shell @bithighlander/bitcoin-cash-js-lib @coinmasters/types @crosswise-finance1/sdk-v2 @ethersproject/providers @keepkey/device-protocol @travix/ui-themes @veniceswap/eslint-config-pancake @veniceswap/uikit 23andMe 23andMe systems 23andMe's internal systems 276 crypto wallets 70mai A510 aa-exec Aadhaar (India’s national identification system) ABB Products with enabled REST interface AbyssWorker (smuol.sys) ABYSSWORKER Driver (used by Medusa Ransomware) Accelion FTA Accellion FTA Active Directory ADNotificationManager.exe Adobe Adobe Acrobat and Reader Adobe Executable (Vulnerable to DLL sideloading) Advanced Health and Care Limited Software agentkit AI applications and agents Albabat Ransomware Amazon S3 Amazon Website AMI MegaRAC BMC software Android Android Applications Android banking apps Android RCS Ansible AOL AOL dial-up service (circa 2005) Apache Tomcat Appian Cloud AppianCloud Apple Advanced Data Protection (ADP) Apple Passwords App (CVE-2024-44276) Apple Products Applications with SSRF vulnerabilities Appsmith Arbix Finance AresLoader Arista NG Firewall ARM atop Audius Authentik Identity Provider AutoCAD Autodesk AutoCAD 2022 Avi Load Balancer AWS KMS AWS Metadata Service Axie Infinity's Ronin network babel-preset-travix Banking Apps Barcode scanners (Zombie Zero) Bdrive Bdrive NetDrive Beanstalk DeFi platform BEC Technologies Multiple Routers BEC Technologies Routers BlackLock Data Leak Site BlackLock Ransomware Data Leak Site (DLS) bnb-javascript-sdk-nobroadcast Border Gateway Protocol (BGP) Bricks theme Broadcom Software (unspecified) Browser Extensions BSD busybox BusyBox Bybit C# Canva CarlinKit CPC200-CCPA CChat Cerner legacy data migration servers Cerner's legacy server ChatGPT ChatGPT for Google China Chopper China Chopper web shell China Chopper Web Shell CHOCO TEI WATCHER Chrome Chrome (unspecified version) Chrome Store OAuth Chrome Web Store Extensions (Unspecified) Chromium-based browsers (Edge, Brave, Vivaldi, Opera) cimfs.sys Cisco Devices Cisco Smart Licensing Utility Citrix Components Citrix Session Recording Agent (SRA) version 2411 Citrix ShareFile cldflt.sys (Windows Cloud Files Mini Filer Driver) Cleo Cleo Harmony Cleo LexiCom Cleo secure file transfer software Cleo software Cleo VLTrader ClipBanker, Grandoreiro, CliptoShuffler, BitStealer (PC Malware) Cloud IAM Tokens cloud infrastructure Cloud infrastructure Cloud Storage Services Cloudflare Cloudflare API Cloudflare DoH Cloudflare R2 Cobalt Strike Commix country-currency-map Crazy Evil Traffers CrowdStrike CrowdStrike Driver (Unspecified Version) CrowdStrike Falcon (driver) CrowdStrike Falcon Driver (imitated) CrushFTP CrushFTP v10 CrushFTP v11 Cryptocurrency Wallets curl DeepSeek DeepSeek generative AI software DeFi protocols Delphi Delphi-based executable dirk1983/chatgpt (CVE-2024-27564) DocuFlex.exe DocuSign DOMPurify DoubleClick DrayTek devices DrayTek Routers Dropbox DuckDuckGo Easy Anti-Cheat eBay Edge Edimax Camera Edimax IC-7100 IP cameras EDRKillShifter Eight Sleep Pod Firmware Email Clients (Unspecified) Email Software (Unspecified) End-of-Life (EOL) Devices Equifax's U.S. website application Eramba (up to 3.19.1) eslint-config-travix ESP32 Chip ESXi Ethereum ethers ethers-provider2 ethers-providerz Event Tracing for Windows (ETW) and Antimalware Scan Interface (AMSI) Explorer.exe Facebook File Server (Unspecified) file transfer software File transfer software Firefox Firefox (unspecified version) Firewall (Unspecified) Fortinet applications Fortinet firewall appliances Fortinet FortiOS FraudGPT Free Online Document Converter Tools Free online file converters FreeType Gemini AI Generic Retail Firm's Computer and Payment System (Unspecified) GenNomis AI image generation tools Giflib GIS Servers GitLab GiveWP plugin GLPI <= 1.0.18 (with Inventory Plugin) Gmail Gmail, Outlook, AOL, Office 365, Yahoo GMX GMX.de GNSS receiver software Go GoAnywhere GoAnywhere MFT Google Ads Google Ads Platform Google Authenticator Google Chrome Google Chrome (unspecified version) Google Cloud ESP v2 Google Docs Google DoubleClick Google Drive, Dropbox, OneDrive Google Forms Google Gemini Google Maps Timeline Google Public DNS Google Workspace Sync Google_Search Gootloader GPS Systems GPT-J Grafana Grammarly Grammarly, Microsoft Copilot, QuillBot, and Wordtune Growatt evcharge.growatt.com/ocpp endpoint Growatt Inverters Growatt server-api.growatt.com/newPlantAPI.do endpoint Growatt server-api.growatt.com/newTwoEicAPI.do endpoint Growatt server.growatt.com/userCenter.do endpoint Growatt Solar Power System Products Harmony Bridge Harpa Heracles MSIL Trojan Hotmail HTTPS Certificates Hyper-V Hypervisors IAM Applications IIS Server ImageIO (CVE-2023-41064) iMessage Inaba Choco Tei Watcher Mini (IB-MCT001) Inaba Plant Monitoring Cameras IndusInd Bank app (Android) Info-stealer malware Ingress Nginx Controller Ingress NGINX Controller Ingress NGINX Controller for Kubernetes ingress-nginx Ingress-Nginx Controller INMemory INMemory web shell INMemory Web Shell Intel Smart Sound Technology (Intel SST) drivers (versions 10.29.0.5152 or 10.30.0.5152) Internet Archive infrastructure Internet Information Services (IIS) Internet-of-Medical-Things (IoMT) devices Investment Applications Investment Apps Invoke-SMBClient PowerShell module IoMT devices IoMT Devices iOS 16.6 IoT and OT Devices IoT devices Iraqi government email system Ivanti Connect Secure Ivanti Neurons for ZTA gateways Ivanti Policy Secure Ivanti software (unspecified) Ivanti ZTA Gateways JasPer JPEG-2000 Juniper Routers Juniper Routers (End-of-Life) Kubernetes Kubernetes Device Plugins Kubernetes Service Accounts LastPass Legacy Windows and Linux Operating Systems Linux Log4j 2 (Log4Shell) Lumma Stealer Mac Browsers macOS macOS (in Bybit attack) Mail.com Mailchimp Malaysia Airports Holdings Berhad (MAHB) systems Mamona Ransomware Data Leak Site (DLS) Mamont (Android Malware) Mastercard Website Maven package impersonating scribejava-core OAuth library MaxAI Medusa Ransomware Mega Merlin Messaging and banking apps Messaging applications Messaging Applications Messaging Apps Meta Business accounts (Instagram) Metropolitan Police Database Microsoft 365 Microsoft 365 (M365) Microsoft Copilot Microsoft Defender Microsoft Defender for Office 365 Microsoft Edge Microsoft Equation Editor Microsoft Exchange Microsoft Exchange Server Microsoft Intune Microsoft Management Console (MMC) Microsoft Management Console (MSC) Microsoft Office Microsoft Office (Word and Excel) Microsoft Office 365 Microsoft Office IME executable Microsoft Outlook (Classic) Microsoft Outlook (New) Microsoft Products Microsoft SharePoint Microsoft SQL Servers Microsoft Support Diagnostic Tool (MSDT) Microsoft Teams Microsoft Trusted Signing service Microsoft Windows Microsoft Windows Hello for Business Mirai Mobile Banking Applications Mobile Banking Apps MongoDB MOVEit Transfer Mozilla Firefox MS4Killer Nakivo Nakivo Backup and Replication NAKIVO Backup and Replication NAKIVO backup and replication software Nautilus NetApp SnapCenter NetDrive Network OS Next.js Next.js web framework nginx NGINX Nmap Nomad NSW Online Registry Website (ORW) Numotion employee email accounts NYU Website OEM Smart Weighing Machine Firmware (Unspecified) Office 365 OneLogin OpenAI’s ChatGPT OpenAI's Redis client open-source library OpenSLP Oracle Access Manager Oracle Cloud Oracle Cloud federated SSO login servers Oracle Cloud Infrastructure (OCI) login servers Oracle Cloud Infrastructure (OCI) Single Sign-On (SSO) Oracle Cloud SSO platform Oracle Fusion Middleware Oracle Fusion Middleware 11g Oracle WebLogic OT Automation Systems OT devices Outlook Outlook iOS app Over 1,500 banking applications and websites Over 300 Android Apps (Vapor Campaign) Paragon Driver (unspecified) PayPal Website pcalua.exe Pdfixers.exe Perplexity Philips Hue smart bulbs Pioneer DMH-WT7600NEX PJobRAT PowerShell Progressive Web Apps (PWAs) Python QNAP devices QNAP NAS boxes Rainfocus Ransomware Rclone RCS ReaderUpdate Redis Remcos reviewdog/action-setup Roblox (on Windows Arm devices) Routers RPipeCommander ruby-saml Rust SaaS Applications (Unspecified) Safari Salesforce SangaalLite Secure Shell (SSH) Semrush Serverless Functions ShadowPad SharePoint Sider Signal Sitecore Sitecore CMS and Experience Platform (XP) SMA Inverters SMA Solar Power System Products SMA Sunny Portal (via sunnyportal.com) SMA sunnyportal(.com) Smart coffee makers Smart traffic lights SMB SMB (Server Message Block) Snap Builder Snowflake SodaMaster loaders SparrowDoor Splunk Enterprise Splunk Secure Gateway App Spyder loader ssh2 Staffplan Citrix server Starlink Wi-Fi Startklar Elementor Addons plugin Steam StilachiRAT STMicroelectronics STM32L4 devices StreamElements Order Management System Sungrow Android application Sungrow Inverters Sungrow MQTT message handling Sungrow Solar Power System Products Sungrow WiNet WebUI Suprema's Biostar 2 platform Symphonica Symphonica system System.Management.Automation.dll T-Mobile Systems Telecom Infrastructure Telegram Telegram (Android, iOS, Windows) Telegram Bot API Terraform Third-party patient check-in software TivoDiag.exe tj-actions/changed-files tj-actions/changed-files GitHub Action Tor Browser TOR-based data leak site (DLS) Tornado Cash TradingView (cracked versions) TRON truesight.sys Twitter (X) Two-Factor Authentication (2FA) System U.S. Government and Military-linked Infrastructure Ubuntu 24.04 Ubuntu 24.04 LTS Ubuntu Linux 23.10 Ubuntu Linux 24.04 Ukrzaliznytsia's online ticket portal Ukrzaliznytsia's online ticket-selling platform Uniswap Unspecified Advanced Computer Software Group Products Unspecified algorithm (NIST competition finalist) Unspecified Android Mobile Application(s) Unspecified Application Unspecified Astral Foods Systems Unspecified Browsers Unspecified Customer Account Management Software Unspecified Election Infrastructure Software Unspecified Email Services Unspecified End-of-Life Software Unspecified fraudulent websites/apps Unspecified Information-Stealing Malware Unspecified Misconfigured Software Unspecified social media apps and mini-apps Unspecified Software Development Kits (SDKs) Unspecified Software with Unpatched Vulnerabilities Unspecified U.S. Treasury Department Payment Systems Unspecified USB Flash Drives Unspecified Vulnerable Driver Unspecified Wearables and Smart Home Products Unspecified Web Applications Unspecified Windows Trojan (Malware.AI.1323738514) Various Gen-AI applications (ChatGPT, Copilot, DeepSeek, Gemini) Various Online Shopping Platforms (eBay, Shopify, Spotify, Mercado Libre, Alibaba, Apple, Netflix, Adidas, Ozon) Various SaaS applications (unnamed) Veeam Agent for Windows Veeam Backup & Replication Venmo Vertex AI Workbench Verve Asset Manager Viasat KA-SAT satellite system Virginia Attorney General's Office Email System Virginia Attorney General's Office Internal Network Virginia Attorney General's Office Virtual Private Network (VPN) Access Virginia Attorney General's Office Website Visual Basic Script Visual Studio Code (VSCode) extensions VMware Aria Operations VMware ESXi VMware Tools for Windows VMware Tools for Windows v12.5.1 VMware vCenter Server Voting Machines VPNs Vulnerable Drivers (BYOVD) W3C CSS Validator Wallet (CVE-2023-41061) Web Android Package Kits (WebAPKs) Web Browsers (Unspecified) Web.de WebKit WhatsApp Windows Windows (NTLM) Windows (Zero-Day) Windows 10 Windows 10 (version 22H2) Windows 11 Windows 11 (Unspecified Versions) Windows 11 (versions 22H2 and 23H2) Windows 11 24H2 Windows 11 24H2 (build 26100.3194 or higher) Windows Driver (smuol.sys/AbyssWorker) Windows Explorer Windows Media Player (wmplayer.exe) Windows module to execute PowerShell commands Windows PowerShell Windows Script Files Windows Server Windows Server 2016 Windows Server 2025 Windows Shortcut (LNK) files Windows Systems (via SMB and NTLM) Windows Task Scheduler Windows Win32 Kernel Subsystem WinRAR Wiseone Withings WBS06 Firmware WordPress WordPress Automatic Plugin WordPress WP Ghost plugin (versions before 5.4.02) X-Wiki xmph_codec.exe Yahoo Yandex Yoast SEO Plugin Zoho Zyxel CPE routers Zyxel Customer Premises Equipment (CPE) home routers
Involved Countries All Afghanistan Africa African Nations Angola Argentina Arizona Arkansas Aruba Asia Australia Austria Azerbaijan Bangladesh Belarus Belgium Benin Bolivia Botswana Brazil Bulgaria Burundi California Cambodia Canada China Colombia Commonwealth of Independent States (CIS) Congo Côte d'Ivoire Côte d’Ivoire Countries in the Gulf Cooperation Council (GCC) Croatia Cuba Democratic People's Republic of Korea (DPRK) Denmark DPRK DPRK (North Korea) Dubai Estonia EU EU Country (Unspecified) Europe European Union European Union (implied) Finland France Germany Greece Greenland Guatemala Hawaii Honduras Hong Kong Hungary Illinois India Indonesia Iran Iraq Israel Italy Japan Jordan Kazakhstan Kyrgyzstan Lithuania Louisiana Madagascar Malaysia Maryland Massachusetts Mauritania Mexico Michigan Missouri Morocco Myanmar Netherlands Nevada New Mexico Nicaragua Nigeria North Carolina North Korea North Korea (DPRK) Norway Ohio Oklahoma Oregon Pakistan Palestine Paraguay Pennsylvania Peru Philippines Poland Portugal Romania Russia Rwanda Saudi Arabia Serbia Singapore Slovenia South Africa South Korea Spain Sweden Switzerland Syria Taiwan Tajikistan Thailand Togo Tunisia Turkey Turkmenistan U.S. UAE UK Ukraine United Arab Emirates United Kingdom United States United States of America Uruguay US USA Utah Uzbekistan Venezuela Vietnam Yemen Zambia
Affected Industries All Academia Accommodation Accounting and Payroll Services Ad Tech AdTech Advertising Advertising Networks Advertising Technology Aerospace Aerospace engineering AI Image Generation AI Security Air Freight & Logistics Airline All Industries Android App Development Antivirus/Endpoint Detection and Response (EDR) Software Industry Artificial Intelligence Artificial Intelligence (AI) Artificial Intelligence (AI) / Machine Learning (ML) Automotive Automotive/IoT Automotive/Telematics Aviation Aviation/Airport Operations Backup Software Banking Banking (Western Alliance Bank) Banking Organizations Banks (Financial Institutions) Beauty and Cosmetics Biometrics Biotech Biotechnology Blockchain Development Blockchain Gaming Blockchain Technology Blockchain Technology/Cryptocurrency Business Automation Businesses (Canada) Capital Markets Certification Authority (CA) Industry Child Protective Services Civil Society Organizations Cloud Computing Cloud Computing (Oracle) Cloud Services Cloud Storage Cloud Storage Services Commercial Satellites Computing Infrastructure Construction Construction & Engineering Content Management Systems (CMS) Courier Services Critical Infrastructure Critical National Infrastructure Crypto Cryptocurrency Cryptocurrency Exchange Cryptocurrency Exchanges Cryptocurrency Mixing Services Cryptocurrency Trading Customer Relationship Management (CRM) Cyber Insurance Cybersecurity Data Backup and Recovery Data Backup and Recovery Industry Data Broker Industry Data Brokerage Data Brokering Data Storage and Security Database Administration Dating App Dating Services Defense Defense contracting DeFi (Decentralized Finance) Digital Platforms Discrete Manufacturing Domain Name System (DNS) Services Domain Registrar Industry Domain Registrars Domain Registration and DNS Services E-commerce Education Education (Pennsylvania State Education Association) Election Technology Election Technology and Infrastructure Elections Email Marketing Services Email Marketing/Newsletter Services Email Providers Email Security Email Service Providers Email Service Providers (ESPs) Email Services Embedded Devices/Industrial Control Systems (ICS) Emergency Services Employment Services/HR Endpoint Security Energy Energy and Utilities Energy Grids Energy Sector Engineering Enterprise Enterprise Communications Enterprise Monitoring Enterprise/Businesses Entertainment Entertainment/Media Esports Fashion Federal Government (US) Federal Government Institutions (Canada) Federal/Central Government File Transfer File Transfer and Sharing Solutions File Transfer Protocol (FTP) Software File Transfer Server Operators File Transfer Software Providers File Transfer Software/Services Finance Finance (Cryptocurrency) Finance and insurance Finance/Payments Financial institutions Financial Institutions Financial Services Financial Services (Broader) Financial Services (Credit Unions) Financial Services Software Fintech Food and Beverage Food Delivery Services Food Service Fortune 500 Companies Fraud Prevention Gambling Gaming Gaming Industry Genetic Testing Genetic Testing/Direct-to-Consumer Genomics Government Government (Emergency Management) Government (Justice System) Government (Law Enforcement) Government (Postal Services) Government (State and Local) Government (US) Government (various levels) Government Agencies Government organizations Government/Federal Agencies (US) Government/Military Government/National Security Hardware Industry Health Insurance Healthcare Healthcare and Insurance Healthcare Providers Help Desk Support Higher Education Hospitality Hosting Hotels Human Resources Human Resources (HR) Identity and Access Management (IAM) Image and Video Delivery Industrial Automation Industrial Conglomerates Industrial Control Systems Industrial Control Systems (ICS) Industrial Internet of Things (IIoT) Information Security Information Technology Information Technology (IT Services) Information Technology (IT) Information Technology and Security Information Technology/Software Insurance Intelligence Internet Archive/Digital Preservation Internet of Things (IoT) Internet of Things (IoT) Security Internet Security Internet Service Provider (ISP) Internet Service Providers (ISPs) Investment Investment Services IT IT Administration IT and Cybersecurity IT and Security IT and Software IT Infrastructure IT Security IT Services IT Software IT Supply Chain IT/Cybersecurity IT/Software IT/Technology Journalism Journalism/Media Labor Unions Law Law Enforcement Law Firms Legal Legal Services Legal/Government Services Life Sciences Live Streaming Local Government Logistics Logistics Shipping Services Machine Learning (ML) Managed Service Providers (MSPs) Manufacturing Manufacturing (Production Line Monitoring) Maritime Media Media (Journalism) Media & Entertainment Media and Entertainment Media and social media companies Media Organizations Medical Device Medical Device Manufacturing Messaging App Industry Messaging Apps Messaging Services Messaging Services (Discord) Military Mobile Banking Multinational Companies Multinational corporations Municipal Governments National Security Network Security Networking Equipment Networking Equipment Manufacturing Non-Governmental Organizations (NGOs) Oil and Gas Online Casinos Online Directory Services Online Gambling/Casinos Online Gaming/Casinos Online Retail Open Source Software Operational Technology (OT) Password Management Payment Processing Petrochemical Industry Pharmaceutical Pharmaceutical Research and Drug Development Postal Services Poultry Power Grid Power Grid Industry Power Grid/Energy Printing Industry Privacy and Compliance Private Firms Professional Services Public Sector Public Sector/Government Public Utilities Publishing Quantum Computing Rail Transportation Recruitment Regtech Renewable Energy (Solar Power) Research Retail Retail & Hospitality Retail and Hospitality Satellite Communications Scientific Computing Search Engines Secure File Transfer Software Security Semiconductor Assembly and Test (OSAT) Semiconductors SEO SEO/Advertising/Market Research (SaaS) Server Hardware Industry Services Small and Medium Businesses (SMBs) Small and Medium-sized Businesses (SMBs) Smart Device Manufacturing Smart Home Security Smart Home Technology Social Media Social Media Industry Social Media/Advertising Social Networking Software Software (Backup and Recovery) Software and IT Services Software as a Service (SaaS) Software Browser Industry Software Companies (Chinese) Software Development Software Development/Cybersecurity Software Development/GitHub Actions Software Development/Open Source Software Development/Web Application Development Software Development/Web Development Software Industry Software Security Software Security Plugin Industry Software Supply Chain Software/Application Development Software/Content Management Systems Software/IT Security Software/Managed Services Software/Technology Software/Virtualization Solar Energy Solar Energy Industry Solar Power Industry Space Sperm Banks State and Local Government Streaming Services Supercomputing Surveillance Technology Technology Technology (Cloud Computing) Technology (Messaging Apps) Technology (QNAP Devices) Technology (Software as a Service) Technology (Software) Telecom Telecom Providers Telecommunications Telecommunications (5G) Telecommunications/Networking Think Tanks Toll Collection Trade Associations/Groups Traditional Finance Transportation Transportation (Railways) Unspecified Industries Venture Capital Video Game Companies Video Game Industry VPN VPN Providers VPN Services VPNs Water and Wastewater Water Utilities Wealth Management Wearables and Smart Home Web Application Development Web Application Security Web Browser Development Web Browser Extension Development Web Browsers Web Development Web Development/Software Development Web Hosting Web Hosting (Cloudflare) Web Hosting (Google) Web PKI Ecosystem Website Development and Hosting Website Hosting/Development WordPress