Published Date All 2025-04-03 2025-04-02 2025-04-01 2025-03-31 2025-03-30 2025-03-29 2025-03-28 2025-03-27 2025-03-26 2025-03-25
Tags All .NET MAUI .NET MAUI Exploitation 0-day vulnerability 0-day Vulnerability 0day Vulnerability 70mai A510 ABB CODESYS ABB Products Academic Misconduct Access Control Account Security Account Takeover Account Takeover Protection ACR Technology Admission Controller Advanced Persistent Threat (APT) Adversarial Attacks Adversarial Examples Adversarial Exposure Validation (AEV) Adversarial Machine Learning (AML) Adversary-in-the-Middle (AitM) Adversary-in-the-Middle (AitM) Attacks Adware Agentic_AI AgenticAI AI and Disinformation AI Ethics AI Hacking AI in Cybersecurity AI in Software Development AI Integration AI Regulation AI Risk Mitigation AI Safety AI Security AI Security Policy AI Security Research AI_Security AI-as-a-Service (AIaaS) AI-Assisted Coding Tools AI-Based Attacks AI-driven Cybersecurity AI-driven Security Solutions AI-driven Threats AI-fueled Attacks AI-Generated Content AI-Generated Content Watermarking AI-generated Scams AI-Generated Threats AI-powered Attacks AI-powered Cybercrime AI-Powered Data Security AI-powered Security AI-powered_Security AirTag Tracking Alert Fatigue AMR File Parsing Android Banking Trojan Android Malware Android Security Android_System_SafetyCore Anonymity Anti-Analysis Techniques Anti-Evasion Techniques Anubis Backdoor ANY.RUN Apache Camel Vulnerability Apache Tomcat Vulnerability API Abuse API Security API_Vulnerability AppArmor Apple Apple Products Apple_Software_Issue AppleIntelKBLGraphics Application Security APT APT Groups APT_Attack APT_Group APT34 APT36 Arbitrary Code Execution Arista NG Firewall Arrest Artificial General Intelligence (AGI) Artificial Intelligence Artificial Intelligence (AI) Artificial Intelligence (AI) in Cybersecurity Artificial Intelligence in Cybersecurity Artificial_Intelligence Asset Risk Scoring Attack Surface Attack Surface Management Authentication Bypass Authenticator Apps Authorization Bypass Autodesk Navisworks Freedom Automated Attacks Automated Code Remediation Automated Penetration Testing Automated Testing AutomatedSecurityTesting Autonomous System Numbers (ASNs) AWS Cloud Security AWS Security AWS Security Best Practices Backdoor backdoor_installation Backdoors Banking Trojan Bankruptcy Bankruptcy and Asset Sale BAS BCDR Bdrive NetDrive BEC Technologies BGP Attacks BGP Security Binary Ninja BinaryFormatter Biometric Authentication Birthday Freebies Blockchain Forensics Blockchain Technology (in Security) Bluetooth Exploitation BODMAS Dataset Boot Crash Bot Management Bot Mitigation Botnet Brand Impersonation Brand Protection Brand Spoofing Breach and Attack Simulation (BAS) Browser Extension Security Browser Integration Browser Security Browser Vulnerability Brute Force Attack Buffer Overflow Buffer_Overflow Bug Bounty Bug Bounty Program Bug Fixes Business Email Compromise (BEC) BYOD_Vulnerability BYOVD Bypass Script C-Suite Buy-In C2 Communication CA/Browser Forum CALEA Vulnerabilities Callback-Oriented Programming (COP) CAPTCHA Alternatives CarlinKit CPC200-CCPA CASB Certificate Authority (CA) Security Certificate Validation Cgit ChatGPT Outage Child Sexual Abuse Child Sexual Abuse Material (CSAM) China China Chopper China Initiative China Privacy Crackdown China-aligned APT China-aligned_Threat_Actor China-based Cybercrime China-linked APT China-linked Espionage China-Nexus Chinese APT Chinese Cyberattacks Chinese Hackers Chrome Chrome Vulnerability cimfs.sys CISA CISA Funding Cuts Cisco Smart Licensing Utility CISO Responsibilities Classified Information Leak Classifier Attacks Cleartext Password Storage ClickFix Client-Side Authentication Vulnerability Client-Side Path Traversal (CSPT) Client-Side Protection (CSP) Cloud Detection and Response (CDR) Cloud Misconfigurations Cloud Platform Compromise Cloud Run Cloud Security Cloud Security Breach Cloud Security Breaches Cloud Security Incidents Cloud Security Posture Management (CSPM) Cloud_Computing Cloudflare Code Execution Code Obfuscation CODESYS Command and Control (C2) Command Injection Compliance Compliance vs. Resilience Compromised Credentials Computer Vision Conditional Access Configuration Injection Constitutional Law Container Security Continuous Threat Exposure Management (CTEM) Control-flow Graph Convolutional Neural Networks (CNNs) CoreGraphics CoreText Vulnerability Cost Optimization Cost Reduction Cost Savings in Cybersecurity Counterintelligence Credential Compromise Credential Rotation Error Credential Security Credential Stuffing Credential Theft Credential-Stealing Critical Infrastructure Critical Infrastructure Attack Critical Infrastructure Attacks Critical Infrastructure Cyberattacks Critical Infrastructure Cybersecurity Critical Infrastructure Vulnerabilities Cross-Platform Attack Cross-Site Request Forgery (CSRF) Cross-Site Scripting (XSS) CrowdStrike Falcon Identity Protection CrushFTP Cryptocurrency Cryptocurrency Fraud Cryptocurrency Hacks Cryptocurrency Laundering Cryptocurrency Theft Crystal, Nim, Rust, Go CSaaS (Credential Stuffing as a Service) CVE CVE Assignment Dispute CVE-2023-40680 CVE-2024-20439 CVE-2024-20440 CVE-2024-3721 CVE-2025-1659 CVE-2025-1660 CVE-2025-1974 CVE-2025-22457 CVE-2025-24185 CVE-2025-24190 CVE-2025-24211 CVE-2025-2748 CVE-2025-2764 CVE-2025-2765 CVE-2025-2766 CVE-2025-2770 CVE-2025-2771 CVE-2025-2783 CVE-2025-2825 CVE-2025-2857 CVE-2025-29927 CVSS Scoring Cyber Deception Cyber Espionage Cyber Insurance Cyber Insurance for SMBs Cyber Resilience Cyber Threat Intelligence (CTI) Cyber Warfare Cyber-Physical Attacks Cyberbullying Cybercrime Cybercrime Affiliate Program Cybercrime Forum Cybercrime in Africa Cybercrime Platform Cyberespionage Cybersecurity Cybersecurity Advisory Cybersecurity Awareness Campaign Cybersecurity Compliance Cybersecurity Incident Cybersecurity Incident Response Cybersecurity Investments Cybersecurity Program Management Cybersecurity Risk Assessment Cybersecurity Risk Management Cybersecurity Risk Reduction Cybersecurity Risks Cybersecurity Spending Cybersecurity Standards Cybersecurity Startup Cybersecurity Threat Intelligence Cybersecurity Tool Implementation Cybersecurity Vendor Dark Web Dark Web Monitoring Data Analytics Data Backup Data Backup and Restoration Data Breach Data Breach (Potential) Data Breach Response Data Breaches Data Deletion Data Exfiltration Data Exposure Data Flow Analysis Data Hygiene Data Leak Data Loss Data Loss Prevention Data Loss Prevention (DLP) Data Manipulation Data Poisoning Data Privacy Data Protection Data Removal Data Scraping Prevention Data Security Data Storage Data Theft Data_Security Datto BCDR DDoS DDoS Attacks DDoS Mitigation Deepfakes DeepSeek Default Password Vulnerability Default_Credentials Defense-in-Depth Denial of Service Denial of Service (DoS) Denial-of-Service Denial-of-Service (DoS) Deserialization Vulnerability DevSecOps Digital Forensics Digital Identity Disaster Recovery Disinformation DLL side-loading DLL Side-loading DLL Sideloading DLL_Side_Loading DNS DNS Exploitation DNS MX Record Exploitation DNS over HTTPS (DoH) DNS Security DNS-based attack Domain Abuse Domain Hijacking Domain Name System (DNS) Security Domain Validation DoS Attack Doxing DPRK_Cyber_Espionage DrayTek Router Vulnerability Drive-By Compromise Driver Issues DWFX DWFX File Parsing EDR EDR Killer EDR Killer Tools EDR_Evasion Election Security Email Compromise Email Encryption Email Phishing Email Security Email Spoofing Employee Training and Awareness EncryptHub Encryption End-to-End Encryption End-to-End Encryption (E2EE) End-to-End_Encryption Endpoint Security Enterprise Browser Entropy-Based Feature Selection Espionage Espionage Attack Ethical Hacking ETSI Standards EU Cybersecurity Funding European Alternative Evasion Techniques EvasionTechniques Evasive Techniques Evilginx Exploit Intelligence Exploit Modules Exploitation Exposure Management Extortion Extradition Facial Recognition Technology False Claims Act False Claims Act Violation Family Plans Fast Flux FBI Investigation Federal Government Contracts Federal Government Overreach Federal_Funding_for_Cybersecurity FIDO2 File Transfer Protocol Vulnerability File Upload FIN7 Financial Cybercrime Financial Fraud Financial Loss Financial Penalties Find My Network Exploitation Fintech Security Fintech_Security Firebase Cloud Messaging (FCM) Firefox Firefox Vulnerability Firmware Update Force Installation Foreign Interference Fraud Detection Fraud Prevention Free Tier Frequency Analysis FTC Fuzzing Gamaredon Gambling Malware Generative Adversarial Networks (GANs) Generative AI Generative AI in Cybercrime Genetic Data Security Git Mirroring GitHub Advanced Security Golang Google Google Ads Abuse Google Chrome Google Chrome Vulnerability Google Cloud Platform (GCP) Google Quick Share Google Search Google Workspace Gootloader GoResolver Government Compliance Government Data Breach Government Data Sharing Government Funding Government Oversight Government Regulation Government Security Government_Use_of_Messaging_Apps Governmental Data Access GPS Spoofing/Jamming GPS Tracking Error GPU Security Groovy Hacker Biography Hard-coded Credentials Hardcoded Secrets Hardware Root of Trust Hardware Security Harvest Now, Decrypt Later Healthcare Cybersecurity Healthcare Data Breach Healthcare Data Security Healthcare_Cybersecurity Heap Grooming HIPAA Violation Hitachi Energy RTU500 HomeKit Compatibility Honeypot Host Header Injection Hotpatching How-to Guide HTTP Header HTTPS HTTPSCommunication Human Error Hyper-V Hypervisor Targeting IAM IAM (Identity and Access Management) IAM Attacks IAM Misconfigurations IBM AIX ICC Profile Parsing iCloud ICS Security ICS Vulnerability ICS/OT Security ICS/OT Vulnerability Identity and Access Management (IAM) Identity Management Identity Theft Identity Theft Protection Identity Threat Detection Identity-Based Attacks Iframe Hijacking iMessage Exploit Immutability Impersonation Impersonation/Phishing Improper Access Control Improper Authorization Improper Cryptographic Signature Verification INC Ransomware Incident Management Incident Response India Post Impersonation Indonesia Social Media Regulation Industrial Control Systems (ICS) Industrial Control Systems (ICS) Security Industrial Espionage Influencer Marketing Info-Stealer Malware Information Disclosure Information Security Information Stealer Information_Security_Breach Infostealer InfoStealer Infostealer Malware Infrastructure as Code (IaC) Ingress NGINX Controller Ingress-Nginx IngressNightmare Initial Access Initial Access Brokers Initial Access Brokers (IABs) Insecure Default Configuration Insecure Direct Object Reference (IDOR) Insecure Direct Object References (IDOR) Insider Threat Insider Threat Detection Insider Threats Insufficient Security Measures Inter-Process Communication (IPC) International Cooperation International Fraud International Law Enforcement Cooperation Internet Freedom Internet of Medical Things (IoMT) Interpol Operation Interpol-led Operation Intrusion Detection Intrusion Detection Systems (IDS) Investment Scams IOC Analysis IoMT_Vulnerabilities iOS Exploit iOS_18.4_Bug IoT and OT Security IoT Security IPC iPhone Data Recovery IPP Protocol Iran IT/OT Security Ivanti Connect Secure Jailbreaking AI Tools Japan Airlines In-Flight AI JavaScript JavaScript Injection Juniper_Vulnerability JWT_Vulnerability Kentico Xperience CMS Kernel Exploit Kernel Vulnerabilities Key Encapsulation Mechanisms (KEM) Knowledge Graphs Known Exploited Vulnerabilities (KEV) Known Issue Rollback (KIR) Kubernetes Kubernetes Security Kubernetes Vulnerability KYC Lack of Transparency Large Language Model (LLM) Lateral Movement Law Enforcement Law Enforcement Collaboration Law Enforcement Operation Lawsuit Lazarus Group LDAP Injection Leadership in Cybersecurity Legacy System Vulnerability Legacy Systems Legal Action Legal Challenges Legal Settlement LFI Linux Linux Malware Linux Security Vulnerability LinuxDistributions Living off the land Living off the Land (LOTL) Living off the Land (LOTL) Tactics Living-off-the-land Living-off-the-Land Binaries (LOLBins) LLMs LNK_Files Local Attack Local Code Execution Local Privilege Escalation Local Vulnerability LockBit Ransomware Log Tampering Loyalty Programs Mac_VPN Machine Learning Machine Learning (ML) Machine Learning Security Operations (MLSecOps) Machine_Learning macOS macOS Malware macOS Vulnerability Magecart Attacks Mailchimp Malaysia Cybersecurity Malicious AI Tools Malicious Redirection Malicious Torrent malicious_package Malspam Malvertising Malware Malware Analysis Malware Attacks Malware Campaign Malware Classification Malware Deployment Malware Distribution Malware_Analysis Malware-as-a-Service (MaaS) MalwareLoader Man-in-the-Middle (MitM) Attack Managed Detection and Response (MDR) Managed Security Services Mean Time to Detect (MTTD) Mean Time to Respond (MTTR) MEDUSA_Ransomware Memory Corruption Messaging App Security Messaging_App_Comparison Meta AI Metadata Metasploit MFA Bypass Micropatch Micropatching Microsegmentation Microsoft Microsoft 365 Security Microsoft Account Microsoft Entra ID Microsoft Intune Microsoft Management Console (MMC) Vulnerability Microsoft Office Microsoft Outlook Bug Microsoft Security Products Microsoft Windows Microsoft Windows Vulnerability Middleware Bypass Middleware Vulnerability Mirai Botnet Mirai_Botnet Mirai-based Botnet Misconfiguration Misinformation Missing Person Misuse of Communication Tools Mitigation and Remediation MITRE ATT&CK MITRE ATT&CK Framework Mobile Banking Fraud Mobile Malware Mobile Messaging Exploitation Mobile Security Model Drift Model Extraction Model Inversion Money Laundering MP4 File Parsing MP4 File Parsing Vulnerability Multi-Account Strategies Multi-Factor Authentication Multi-Factor Authentication (MFA) Multi-Factor Authentication (MFA) Abuse Multi-Factor Authentication (MFA) Bypass Multi-Factor Authentication (MFA) Failure Nation-State Attacks National Security National_Security_Risks Negligence Network Security Next.js Next.js Vulnerability Nginx NGINX NGINX Vulnerability NHS Data Compromise NHS Data Security NIST NIST Cybersecurity Framework Nmap North Korean Cyberespionage NPM Package Compromise npm Registry npm_package_attack NPM_Packages NSExpression NTLM Obfuscation Observability Online Document Platforms Online Grooming Online Privacy Online Scams Online Security Best Practices Open Redirect Open Redirect Vulnerabilities Open Source Open Source Intelligence (OSINT) Open Source Security Open Source Software Open Source Software Vulnerability Open_Source_Tool Open-Source Open-Source Tools OpenAI OpenCTI Platform OpenSSL Misconfiguration OpenSSL Vulnerability OpenVAS Operation ForumTroll Operational Security Failure Operational Technology Operational Technology (OT) Operational_Technology_(OT)_Security OPSEC Failure Oracle Cloud Security Oracle Cloud Vulnerability OS Command Injection OT Security OTP Theft Out-of-bounds Read Out-of-Bounds Read Out-of-Bounds Write Outdated Software Pakistan-based APT Passkeys Password Management Password Manager Password Security Passwordless Authentication Patch Bypass Patch Management Patch Released Patch Tuesday Updates Pay-Per-Install (PPI) / Malware-as-a-Service (MaaS) PCI DSS 4.0 PCI DSS 4.0 Compliance Penetration Testing Performance Optimization Persistence Persistence Mechanism PersistenceMechanism Personal Access Tokens PhaaS (Phishing-as-a-Service) Phishing Phishing Attacks Phishing Campaign Phishing-as-a-Service (PhaaS) PHP Object Injection Phreaking Physical Social Engineering PIPEDA Compliance Pointer Authentication Codes (PAC) Post-Compromise Breach Simulations Post-Quantum Cryptography Power Grid Disruption PowerShell Pricing and Value Pricing_Comparison Printer Issue Privacy Privacy Concerns Privacy Enhancement Privacy Enhancing Technologies Privacy Risk Assessment Privacy Violation Privacy_Concerns Privacy-Enhancing Technologies (PETs) Privilege Escalation Privileged Access Management (PAM) Proactive Security Product Comparison Product Review Programming Languages Proof-of-Concept Exploit Protective DNS (PDNS) Python Malware QR Code Attacks Quantum Computing Quantum_Computing Quantum-Safe Cryptography RaaS Ransomware Ransomware and Extortion Ransomware Attack Ransomware Attacks Ransomware_Attacks Ransomware-as-a-Service (RaaS) Ransomware/Extortion RAT (Remote Access Trojan) RCE ReaderUpdate Malware Real-time Alerts Red Teaming RedCurl Reflected Cross-Site Scripting (XSS) Registry Modification Regulatory Actions Regulatory Compliance Remcos RAT Remcos_Backdoor Remote Access Trojan (RAT) Remote Administration Remote Code Execution Remote Code Execution (Potential) Remote Code Execution (RCE) Remote Desktop Remote Desktop Protocol (RDP) Remote Desktop Protocol (RDP) Issues Remote Hacking Remote Remediation REST Interface Vulnerability Return on Investment (ROI) Reverse Shell reverse_shell Reverse_Shell Risk Management Risk Prioritization ROI (Return on Investment) Romance Baiting Romance Scams Rootkit Router Vulnerability RSA Innovation Sandbox Finalist RTSP Support Runtime Security Russia Russian Hacking Russian State-Sponsored Attack Russian Threat Actor Russian_Intelligence S3 API SaaS Security Salt Typhoon Sandbox Bypass Sandbox Escape Sandbox Evasion Sandbox Technology Sandboxing Satellite Cybersecurity Secret Exposure Secret Management Secure Code Development Secure Email Gateways (SEG) Evasion Security Security Control Failures Security Data Management Security Information and Event Management (SIEM) Security Operations Center (SOC) Security Research Security Testing Security Update Security Updates Semiconductors Sensitive Data Exposure Series A Funding Series E Funding Series Funding Series_A_Funding SeriesAFunding Serverless Security Service Outage Shadow IT ShadowPad ShadowPad Backdoor ShadowPad RAT Shared Responsibility Model SharePoint Vulnerability SIEM Signal Signal (Messaging App) Signal Messaging App Signal Security Concerns Silent_Installation SIM Box Fraud SIM Swap Sitecore Small Business Cybersecurity Smart Home Security Smart TV Privacy SMB Cyberattack Costs SME Cybersecurity Smishing SmokeLoader SMS Phishing Snowflake SOAR SOC (Security Operations Center) Social Engineering Social Engineering Scams Social Media Security Social Media Security Risk Social_Engineering_Prevention Software Bug/Vulnerability Software Compatibility Issues Software Composition Analysis (SCA) Software Patch Software Supply Chain Software Supply Chain Attack Software Supply Chain Security Software Update Software Updates Software Vulnerabilities Software Vulnerability Software Vulnerability Management Solar Inverter Vulnerabilities Solar Power System Vulnerabilities Sophos Sophos X-Ops South Africa Spam Email Spam Prevention SparrowDoor SparrowDoor Backdoor SparrowDoor Malware SpawnChimera Malware Spear Phishing Spear-phishing Splunk Vulnerability Spoofing Spyware SQL Injection SSH SSH Tunneling SSO Compromise SSRF SSRF Vulnerability State_and_Local_Government_Cybersecurity State-Sponsored APT State-Sponsored Attack State-Sponsored Attacks Static Analysis Static Code Analysis STIX Student-led SOCs Supply Chain Attack Supply Chain Attacks Supply Chain Compromise Supply Chain Security supply_chain_attack Supply_Chain_Attack Supply_Chain_Compromise Surveillance System Monitoring Tools System Recovery Taiwan Targeted Advertising Targeted Attack Targeted Attacks Targeted Phishing Tax Scam Telecom Telecommunications Telegram Third_Party_Risk Third-Party Integrations Third-Party Risk Third-Party Risk Management Third-Party Vulnerabilities Threat Actor Collaboration Threat Detection Threat Detection and Response Threat Hunting Threat Intelligence Threat Intelligence Integration Threat Prevention Threat Response Threat Simulation Time-of-Check Time-of-Use TLS Security Tool Bloat Tor Tor Browser Transparent Tribe Trump Administration Two-Factor Authentication (2FA) Ubuntu Linux Security UK Information Commissioner’s Office (ICO) Fine Ukraine Unauthenticated Access Unauthenticated Exploitation Unauthenticated Remote Code Execution UNC5221 Undisclosed Funding Unexpected_App_Installation University Cybersecurity URL Classification US_China_Tech_Sanctions US_Cybersecurity_Policy USB-Based Attack Use-After-Free User and Entity Behavior Analytics (UEBA) User Experience User Experience (UX) Improvement User Namespaces VanHelsing Ransomware Veeam Backup and Recovery Veeam Backup and Replication Venmo Privacy Vishing VMware VMware Vulnerability Voter ID VPN VPN Configuration and Usage VPN Performance VPN Privacy VPN Security VPN_Features VPN_Review VPN_Vulnerability Vulnerabilities Vulnerability Vulnerability Assessment Vulnerability Disclosure Vulnerability Exploitation Vulnerability Management Vulnerability Scanning Vulnerable VPNs Weak Password Requirement Web Application Firewall (WAF) Web Application Firewalls (WAFs) Web Cache Poisoning Web Interface Vulnerability Web Security Web Shell Web Skimming Webinar WebP Vulnerability Webshell Website Compromise Website Defacement WhatsApp Whistleblower Lawsuit Windows Windows 11 Windows 11 24H2 Windows 11 Bugs Windows 11 Update Windows Exploitation Windows Malware Windows Recovery Environment (Windows RE) Windows Security Windows Server Windows Server 2025 Windows Specific Windows Task Scheduler Windows Update Windows Update Bug Windows Updates Windows Vulnerability Wire Fraud Wireless Hotspot Vulnerability WordPress WordPress Exploitation WordPress Vulnerability Workflow Automation Workforce Development XDR XSS XSS Attacks XWiki Vulnerability XXE Zero Trust Zero-Click Exploit Zero-day Zero-Day Zero-day Exploit Zero-Day Exploit Zero-Day Exploit (Past) Zero-Day Exploits Zero-Day Vulnerability Zero-Day_Exploit Zyxel CPE Compromise
Categories All Academic Research and Security Ad Security Advanced Persistent Threat (APT) Advanced Persistent Threat (APT) Analysis Advanced Persistent Threats (APTs) Advanced_Persistent_Threat_(APT) Advanced_Persistent_Threats AI and Emerging Technologies AI and Machine Learning Security AI Cybersecurity AI Governance and Policy AI in Cybersecurity AI in Messaging AI Risk Management AI Risks and Safety AI Security AI Security Best Practices AI Security Research Funding AI Security Threats and Mitigation AI System Security AI_in_Cybersecurity AI_Security_Technology AI-driven Security Solutions AISecurityTechnology Alert Prioritization and Response Android_Security API_Security Application Security Application Security Risk Management APT Activity APT Analysis APT Attacks APT Group Analysis APT_Campaign_Analysis Artificial Intelligence in Cybersecurity Authentication and Authorization Authentication Methods AWS Security AWS Shared Responsibility Biometric Security Biometric Technology Botnet Analysis Browser Security Bug Bounty Program Enhancements Bug Bounty Programs Business Case Development for Cybersecurity Tools Business Continuity and Disaster Recovery Business Impact of Cybersecurity CA/Browser Forum Standards Child Exploitation Civil Liberties Cloud Security Cloud Security Incidents Cloud Security Posture Management (CSPM) Cloud Security Risk Assessment Cloud Security Solutions and Mitigation Strategies Cloud Security Threats and Vulnerabilities Communication Security Compliance and Regulation Compliance and Risk Management Consumer Cybersecurity Consumer Electronics Consumer Electronics Reviews Consumer Privacy and Security Container Security Cost Management in Cybersecurity Cost Optimization Cost-Effective Cybersecurity Solutions Critical Infrastructure Protection Critical Infrastructure Security Cryptocurrency Regulation Cryptocurrency Security Cryptography Cryptography and Key Management Cyber Espionage Cyber Insurance Best Practices Cyber Threat Intelligence Cyber Threat Intelligence Sharing Cyber Threat Intelligence Sharing and Analysis Cyber Threat Landscape Cyber_Espionage Cybercrime Cybercrime and Law Enforcement Cybercrime Economics Cybercrime Investigation Cybercrime Investigations Cybercrime News Roundup Cybercrime Prosecution Cybercrime Tactics and Techniques Cybercrime Threat Landscape Cybercrime Tools and Techniques Cybercrime Trends Cybercrime Trends and Statistics Cybercrime Trends and Tactics Cyberespionage and Advanced Persistent Threats (APTs) Cybersecurity Cybersecurity (Tangential) Cybersecurity Awareness Cybersecurity Awareness and Education Cybersecurity Awareness Training Cybersecurity Best Practices Cybersecurity Careers Cybersecurity Challenges and Solutions Cybersecurity Collaboration and Awareness Cybersecurity Compliance and Regulation Cybersecurity Defenses Cybersecurity Efficiency and Productivity Cybersecurity Firm Collaboration Cybersecurity Funding Cybersecurity Funding and Investment Cybersecurity Funding and Policy Cybersecurity Incident Response Cybersecurity Incident Response and Recovery Cybersecurity Incidents Cybersecurity Incidents and Response Cybersecurity Infrastructure Cybersecurity Insurance Cybersecurity Investigation Cybersecurity Investigations Cybersecurity Leadership and Team Building Cybersecurity Mitigation Cybersecurity News Roundup Cybersecurity Operations Cybersecurity Operations (SecOps) Cybersecurity Practices and Strategies Cybersecurity Product Analysis Cybersecurity Risk Mitigation Cybersecurity Risks and Mitigation Cybersecurity Solutions Cybersecurity Standards Cybersecurity Strategy Cybersecurity Strategy & Leadership Cybersecurity Strategy and Defense Cybersecurity Technology Cybersecurity Testing and Assessment Cybersecurity Threat Detection and Prevention Cybersecurity Threat Intelligence Cybersecurity Threat Landscape Cybersecurity Threats and Vulnerabilities Cybersecurity Tools and Technologies Cybersecurity Workforce Development Cybersecurity_Best_Practices Cybersecurity_Funding Cybersecurity_Policy_Analysis CybersecurityFunding Data Analytics Data Backup and Recovery Data Breach Incident Response Data Breach Investigations Data Breach Response Data Breaches & Vulnerabilities Data Breaches and Leaks Data Leakage Data Loss Prevention Data Management Data Privacy Data Privacy and Security Data Protection Data Protection and Privacy Data Protection and Security Data Recovery Data Science in Cybersecurity Data Security Data Security and Privacy Data Security and Protection Data Security Incident Response Data Security Incidents Data_Privacy Data_Security_and_Privacy Database Security DDoS Attack Analysis DDoS Prevention and Mitigation Deepfake Detection and Prevention Deepfake Technology and Creation Deepfake-Related Cyberattacks Defensive Security Developer Security DevOps Digital Forensics and Investigation DNS Security Domain Security Best Practices Election Infrastructure Security Election Law and Policy Email Security Embedded Device Security Emerging Cybersecurity Technologies Emerging Threats Emerging Threats and Vulnerabilities Endpoint Security Endpoint Security Strategies Enterprise Security Exploit Analysis Exploit Development Export_Controls_and_Sanctions Financial Crime Financial Cybercrime Financial Cyberthreat Trends Financial News Financial Risk Management Financial Services Security Fintech Fraud Prevention Geopolitical Cyber Conflict Geopolitical Cyber Espionage Geopolitical Cyber Threats Geopolitical Cybersecurity Geopolitical Implications (Russia) Geopolitical_Cyberattacks Geopolitical_Cybersecurity Git Management Governance, Risk, and Compliance (GRC) Government and Politics Government and Regulatory Response Government Cybersecurity Government Cybersecurity Compliance Government Cybersecurity Initiatives Government Cybersecurity Policy Government Data Security Government Investigation and Espionage Concerns Government Regulation of Technology Government Response to Cyberattacks Government Surveillance Government_Cybersecurity Governmental Affairs Hardware Reviews Hardware Security Healthcare Cybersecurity Healthcare Data Breach Healthcare Data Privacy Healthcare Data Security Healthcare_IT_Security Higher Education Cybersecurity History of Hacking ICS Cybersecurity ICS Security Identity and Access Management (IAM) Identity Protection Identity Protection Service Reviews Incident Response Incident Response & Breach Management Incident_Response Industrial Control System (ICS) Security Industrial Control System Security Industrial Control Systems (ICS) Security Industrial Cybersecurity Insider Threat Prevention Insider Threats Intelligence Community Failures International Cybercrime Cooperation Intrusion Detection IoMT_Security IoT Device Security IoT Security IoT/OT Security IT Management IT Service Management Kernel-Level_Malware Kubernetes Security KYC/AML Compliance Law Enforcement Law Enforcement and Cybercrime Law Enforcement and International Cooperation Law Enforcement Response Legal Dispute Linux Security Linux Security and Privacy Linux System Administration Machine Learning for Cybersecurity Machine Learning Security macOS Security Malware Analysis Malware Analysis & Threat Intelligence Malware Detection Malware Detection and Prevention Malware Mitigation Malware Prevention Malware_Analysis Malware_Reverse_Engineering MalwareAnalysis Market Analysis Messaging App Security Messaging_App_Security_and_Privacy MFA and Authentication Mitigation and Remediation MLSecOps Implementation Mobile Application Security Mobile Device Security Mobile Malware Analysis Mobile Messaging App Security Mobile Security Mobile Threat Analysis Mobile Threat Research Mobile_Security Mobile_Security_Incident National Security Network Security Network_Security Online Child Exploitation Online Gaming Security Online Piracy and Malware Online Security Best Practices Open Source Cybersecurity Tools Operating System Security Operational Technology (OT) Security Patch Management Payment Card Industry (PCI) Security Payment Card Industry Security Penetration Testing Penetration Testing Services Personal Data Protection Phishing and Social Engineering Phishing Attack Analysis Phishing Attacks Phishing Awareness Phishing Campaigns Phishing Mitigation Techniques Phishing Prevention Phishing Prevention and Awareness Phishing Threat Landscape Phishing Trends and Tactics Physical Security Vulnerabilities PKI Privacy and Data Protection Privacy and Surveillance Privilege Escalation Privileged Access Management (PAM) Proactive Cybersecurity Defense Product Announcement Product Announcements Quantum Computing Threat Ransomware Analysis Ransomware and Advanced Persistent Threats Ransomware and Data Breach Response Ransomware Attacks Ransomware Tactics and Techniques Ransomware Threat Analysis Ransomware_in_Healthcare Ransomware-as-a-Service (RaaS) Regulatory Compliance Reverse Engineering Risk Management Root Cause Analysis of Security Failures SaaS Security Sandbox Analysis Sandbox Security Scam Prevention Security Advisories Security Advisory Security Awareness Security Awareness Training Security Best Practices Security Control Validation Security Incident Response Security Operations Security Operations Center (SOC) and IDS Security Operations Optimization Security Patching and Management Security Product Evaluation Security Testing and Evaluation Security Tools Semantic Technologies in Cybersecurity Service Disruption SIEM and AI Integration Small and Medium Business (SMB) Cybersecurity Smart Home Technology Smart TV Security and Privacy SMB Cybersecurity Threats and Mitigation Social Engineering Social Engineering and Human Element Social Engineering Attacks Social Engineering Prevention Social Media Security Software Patch Management Software Security Software Supply Chain Security Software Update Issues Software Updates and Deployment Software Updates and Features Software Vulnerabilities Software Vulnerability Software Vulnerability Analysis Software Vulnerability and Patching Software Vulnerability Disclosure Software Vulnerability Management Software_Bug_Analysis Software_Privacy Software_Supply_Chain_Security State-Sponsored Attacks Static Analysis Techniques Streaming Media Supply Chain Security System Administration System Performance and Optimization Targeted Attacks Technical Analysis Telecom Security Third-Party Risk Management Third-Party Vendor Management Third-Party Vendor Risk Management Third-Party Vendor Security Threat Actor Activity Threat Actor Analysis Threat Actor Mitigation Threat Actor Tactics and Mitigation Threat Actor Tactics and Techniques Threat Actor Tracking Threat Analysis Threat Detection Threat Detection and Mitigation Threat Detection and Response Threat Hunting Threat Hunting Strategies and Techniques Threat Intelligence Threat Intelligence and Analysis Threat Intelligence and Research Threat Intelligence and Response Threat Intelligence Platforms Threat Landscape Threat Mitigation Threat Modeling and Simulation Threat Research Threat_Intelligence ThreatIntelligence Two-Factor Authentication Methods and Setup User Interface/User Experience (UI/UX) Design User Privacy Vendor Management Virtualization Security VPN Best Practices VPN Services VPN Technology and Functionality VPN_Service_Comparison Vulnerability Analysis Vulnerability Analysis & Disclosure Vulnerability Analysis and Exploitation Vulnerability Analysis and Remediation Vulnerability and Threat Management Vulnerability Assessment and Remediation Vulnerability Disclosure Vulnerability Disclosure and Analysis Vulnerability Disclosure and Exploitation Vulnerability Disclosure and Patching Vulnerability Disclosure and Remediation Vulnerability Exploitation Vulnerability Management Vulnerability Mitigation and Patching Vulnerability Prioritization Vulnerability Research Vulnerability Research and Exploitation Vulnerability_Disclosure Vulnerability_Exploitation Web Application Security Web Browser Security Web PKI Security Web Security Website Security Whistleblower Protection Windows 11 Compatibility Windows Operating System Windows Security WordPress Security
Threat Actor All $$$ 17-year-old with ADHD 8Base admad advanced nation-state actors Agent Tesla AI-Nomis Akira Alexander "Connor" Moucka Alexander Moucka ALPHV BlackCat Andrew Appalling criminal gangs APT Actor (Operation ForumTroll) APT Group (Unspecified) APT Groups APT28 APT29 APT31 APT34 APT36 AresLoader Actors Arkana Arkana Security Atlantis AIO developers/operators Atlantis AIO operators Attacker (GitHub CodeQL Supply Chain Attack) Attackers (Broadcom vulnerability) Bad Actor bad guys Baragozer BelialDemon BianLian BitStealer Black Basta BlackCat/ALPHV BlackLock BlackLock Ransomware Bordislav/RastaFarEye (potential link) Brain Cipher C10p Cameron Wagenius Capital One Hacker China Chinese Government Chinese state hackers Cl0p CL0P ClipBanker CliptoShuffler Clop Com networks Conti CosmicBeetle Criminal gang in China Criminals Crocodilus Malware Author Crocodilus Operators CryTOX CVLT Cyber attackers Cyber Av3ngers Cyber fraudsters Darcula Dark Caracal Dark Storm Team determined attacker DollyWay Donald Trump DPRK DPRK IT workers DragonForce Earth Estries EGodly El Dorado Elephant Beetle Embargo EncryptHub Ex-spouses expert_kalashnikov/kalashnikov FakeApp Developers FamousSparrow FIN7 Fog Foreign intelligence services Fraudsters Gamaredon GenNomis GHNA Ghost_Pulse GitHub Action Compromisers Gootloader Group GorillaBot Grandoreiro Grandoreiro_operators Hackers (general) Hacktivists Hamas Hellcat ransomware group Heracles Actors Ibiza99 INC ransomware gang InCrease INDOHAXSEC IndusInd Bank Malware Authors initial access groups Interlock Ransomware group Iran Iranian proxies Jeandiel Serrano John Binns KidFlix users Kimsuky Knotweed Konni lapa Lazarus APT Lazarus Group Linux Stealer lo0o0o0ong Loan App Scam Actors LockBit Lucid Magecart Malicious Insider (Rippling) Malone Iam Mamona Mamont Mamont Trojan Developers Masters of Mayhem Medusa Medusa Ransomware Members of Elon Musk's Department of Government Efficiency (DOGE) team Mirai Mirai Type botnet Miscreant Moonstone Sleet Morphing Meerkat n3auxaxl/usernamewakaw nasty threat actors Nation-state actors Nemesis Network-adjacent attackers Nitrogen Ransomware group NoName057(16) North Korean hackers North Korean national North Korean nationals NSO Group NSW Court Data Leaker Online trolls Operation ForumTroll Oracle Cloud Breachers ORB07 Payk_34/eugenfest People's Republic of China (PRC) Persistent adversaries Physically Present Attacker Play President Trump Pro-Russian actors Qilin QuadSwitcher RansomHouse RansomHub Ransomware actors Ransomware Actors Ransomware cartels Ransomware gangs Ransomware group Ransomware groups RastaFarEye ReaderUpdate Actors ReaderUpdate operators Red-team operator RedCurl relatively inexperienced threat actors Remote attacker (Google Chrome vulnerability) Roddux Romance Baiting Operators RomCom rose87168 Russia Russian hackers Russian Intelligence Russian Intelligence Services Russian military intelligence Russian nationals Russian Ransomware Gang Russian receiver Rwanda Gambling Scam Network Salt Typhoon Sandworm Satanic Scam Artists Scammers Scattered Spider ShinyHunters SideCopy Silk Typhoon (formerly Hafnium) SIM Box Fraud Ring Members Smart Attacker SmokeLoader Developers Sophisticated attacker Stalkers State-backed threat actor state-sponsored attackers State-sponsored threat actor (Russia) Storm-2077 Suspected state-sponsored APT group sybra Threat Actor (TA) Threat Actors behind PJobRAT campaigns Threat Actors with links to Russian hacktivism Threat Actors with Links to Russian Hacktivism tinker tramp/Oleg Nefedov (potential link) Transparent Tribe Triada Malware Authors Turkish-speaking developer UAC-0063 Ukraine Railway Attackers Unauthenticated Attacker Unauthorized Actor Unauthorized People UNC2465 UNC3886 UNC4841 UNC5221 UNC5337 Unknown Actor Behind Salvador Stealer Unknown APT Group Unknown Cybercriminals Unknown Developer(s) usernameboy usernamegg usernamehunter usernameugway VanHelsing VanHelsing ransomware operation Veer Chetal VexTrio victim Volt Typhoon Water Gamayu Water Gamayun Weaver Ant XinXin XORbot Zambia Phone Hackers
Actor Aliases All $$$ AbyssWorker Adem adfoster-r7 Agenda AI-NOMIS Amadey Andariel Anubis Anubis/Bokbot APT-C-01 APT-Q-20 Aqua Blizzard Arkana Security Armageddon Armoury AtomLoader Big Balls bigballs BITWISE SPIDER Black Technology BlackLock BlackSuit BLASTPASS Blue Otso BlueAlpha Box bwatters-r7 Carbanak Chinese APT Chinese hacking gang ClickFix CoffeeLoader Corelump CTAG CURLY SPIDER DarkGate DOGE Dolittle DOLITTLE Drag-and-Drop Drag-on Drop DragonDrop DragonForce e2002e Earth Kapre EDRKillShifter Eldorado Emerald Sleet Emmanuel Goldstein EncryptRAT EugenLoader/FakeBat/PaykLoader/X.Loader Evilginx FlowerStorm Free Russia Legion Freedom of Russia Legion Genieo GG GHNA Ghost Emperor GhostEmperor GolangGhost Gootloader Greavys GreenSpot hacker Helix Kitten Hikki-Chan Hive0051 HolyPryx IcedID iPika Iron Tilden jheysel-r7 Jin Sung-Il Joseph O'Connor Judische Jumplump jurkaofavak Kiberphant0m Kimsuky Lapmon Larva-208 LARVA-208 LosPollos Lumma Mambe2FA Mamona MaxOfferDeal MEDUSA ransomware MetaStealer Moobot Moonstone Morphing Meerkat msutovsky-r7 MuddyWater Nima Fazeli Ninja Admin OilRig OpenVAS Operation ForumTroll OrpaCrab Pak Jin-Song Pig Butchering Pikabot Poison Cloud Vine POTUS Primitive Bear Pryx Qakbot/Qbot QuantumBuilder QWCrypt RaccoonO365 randolzflow RansomHub Red Wolf Resurge RESURGE Rey Rob T Firefly rose87168 Russian Volunteer Corps rz Saif Salt Typhoon Salvador Satanic Savage Ladybug ScarCruft Shuckworm SideCopy Silent Skimmer Silver Toucan SmokeLoader SparrowDoor SPAWN SpawnAnt SpawnChimera SPAWNCHIMERA SpawnMole SpawnSloth SPAWNSLOTH SpawnSnail ssd-disclosure STAC4365 Steal SuperBlack TeviRat ThinkingOne TookPS TraderTraitor trafficredirect (Telegram Channel) Transparent Tribe Trident Ursa Tycoon2FA UAC-0010 UNC530 UpdateAgent VanhelsingLocker Vidar VirtualPie VirtualPita Waifu watchTowr Water Gamayu Water Gamayun Weaver Ant White Dolphin WikiKit Winterflounder Wiz WizardUpdate WormGPT zeroSteiner תמיר כץ
Exploit Method All .lnk file abuse 2020 Java Exploit Aadhaar Data Leak Abuse of .NET MAUI for Malware Distribution Abuse of Compromised Systems Abuse of Presidential Authority to Remove FTC Commissioners AbyssWorker Driver Exploit Accessibility Service Abuse Accessibility Service Exploitation Accidental Addition of Unauthorized User to Secure Communication Channel Accidental Data Deletion Accidental Disclosure of Sensitive Information via AI Tools Accidental Group Chat Addition Accidental Inclusion in Sensitive Conversations Accidental Shutdown of R2 Gateway Account Takeover using Headless Browsers and Automation Tools Acquisition of US Technology for Military Applications ACR Data Misuse Adversarial Attacks Adversarial Examples (Image Classification) Adversarial Inputs Adversarial Manipulation of Training Data AI Workarounds for Resource Constraints AI-as-a-Service (AIaaS) for Malicious Activities AI-Generated CSAM Creation and Distribution AI-Generated Voice Scam AI-Powered Phishing AmsiScanBuffer Overwrite and macOS Versions and Privilege Escalation in IoT Devices and Unhosted Wallets and Wallet Abuse in Gen-AI Android 13+ Bypass Android App with Malicious Permissions Android malware campaigns using .NET MAUI to evade detection Android Phishing Exploit (IndusInd Bank App Mimicry) AndroidManifest.xml Manipulation AndroidManifest.xml_Bloating AOL 800 Number Credit Card Exploit Apache Camel Header Injection Apache Tomcat Path Equivalence Flaw Exploitation Apache Tomcat RCE Vulnerability Apache Tomcat RCE Vulnerability Exploit API_Credential_Stuffing_and_Token_Exploitation AppleDouble File Handling Application Bypassing IP Restrictions April 2024 Zero-Day Exploit Arbitrary Code Execution via Malicious File Upload Arbitrary Code Execution via Multiple Vulnerabilities in IBM AIX Arbitrary File Upload Arbitrary NGINX Configuration Injection Arbitrary Nginx Configuration Injection and Remote Code Execution AresLoader Malware-as-a-Service AresLoader Malware-as-a-Service (MaaS) Arkana Group's Attack on WideOpenWest (WOW!) Arkana Ransomware Exploit ASP.NET ViewState code injection Atlantis AIO for Credential Stuffing and Brute-Force Attacks Attackers can bypass middleware auth checks by exploiting critical Next.js flaw Authentication Anomalies Authentication Bypass Authentication bypass CVE-2025-22230 impacts VMware Windows Tools Authentication bypass impacting VMware Windows Tools Authentication bypass impacts VMware Windows Tools Authentication bypass in VMware Windows Tools Authentication Bypass using Malformed S3 Authorization Header Authorization Bypass via x-middleware-subrequest Header Manipulation Authorization/Rewrite Bypass Automated Phishing Attack with OTP Relay Autonomous Chaos AWS PowerUserAccess Privilege Escalation BadUSB Malware Base64-Encoded .NET Web Shell Delivery BGP Hijacking BGP Hijacking Leading to Fraudulent Certificate Issuance Billion_Laughs_DoS Biometric Spoofing and Deepfake Attacks Black Basta Ransomware Attack Black Screen Overlay Attack BLASTPASS Brainfuck Interpreter in Grip Virus Brand Impersonation in Google Ads Bring Your Own Vulnerable Driver (BYOVD) Browser Extension Repurposing Browser Syncjacking Browser Vulnerability Exploit Browser-in-the-Middle (BitM) Attack Brute Force Attack Brute Force Attack against VPN Brute-Force Attacks Against RDP and VNC Brute-Force Password Attacks Brute-forcing Referrer Header Bulletproof Hosting Provider Exploits Business Email Compromise (BEC) Business Email Compromise (BEC) Scams BYOD Exploitation BYOVD (Bring Your Own Vulnerable Driver) Bypass CAPTCHAs Bypass via aa-exec Bypass via busybox Bypass via LD_PRELOAD Bypassing Cloud Dependency Exploit BypassNRO.cmd script exploitation Call Stack Spoofing CAPTCHA Bypass Cellebrite Zero-Day Cellebrite zero-day exploit Cellebrite Zero-Day Exploit ChatGPT Payment Data Leak ChatGPT SSRF bug ChatGPT SSRF Bug China Chopper Web Shell China Chopper Web Shell Deployment China Chopper Web Shell Exploitation Chisel for Tunneling/RDP Access Chrome Sandbox Bypass Exploit Chrome Sandbox Escape Zero-Day cimfs.sys Local Privilege Escalation Cisco Firewall Zero-Day Exploits Citrix Component Blockage of January 2025 Windows Security Update Citrix Session Recording Agent (SRA) Vulnerability Classic Outlook Crash Exploits Clearview AI Data Scraping Cleo File Transfer Software Exploit ClickFix Client-Side Authentication Vulnerability Clipboard Hijacking via Fake CAPTCHA Clop Ransomware Exploitation of Zero-Day in Cleo Software Cloud_Snapshot_Export_Exploit Cloud_Storage_Object_Download_and_Deletion_Exploit Cobalt Strike Abuse CodeQL GitHub Action Token Exposure CoffeeLoader's GPU-based packing and call stack spoofing CoffeeLoader's HTTPS communication with certificate pinning CoffeeLoader's persistence mechanism via Windows Task Scheduler CoffeeLoader's Sleep Obfuscation CoffeeLoader's use of Windows Fibers Colonial Pipeline Ransomware Attack Command Injection Compromise of Zyxel CPE Routers Compromised Credentials and RDP Exploitation Compromised Customer Credentials Exploit Compromised Legitimate Domains for Phishing Compromised WordPress Sites for Redirection Container Escape via Device Access and DMA Attacks Content Security Policy (CSP) Bypass Coordinated Inverter Power Modulation Attack Creation of a text file on a public-facing Oracle server Credential Disclosure via Insecure Client-Side Handling Credential Disclosure via Insecure Storage Credential Harvesting via Phishing Credential Harvesting with Mimikatz Credential Reuse Credential Stuffing Credential Stuffing and Subsequent Lateral Movement Credential Stuffing via Atlantis AIO Credential Stuffing via Stolen Spectos Employee Credentials Credential Stuffing with Atlantis AIO Multi-Checker Credential Stuffing/Reuse Credential Stuffing/Valid Account Leverage Crocodilus Malware Cross-Chain Swaps Cross-platform JavaScript stealer Cross-Site Scripting (XSS) in Growatt Products CrowdStrike Outage CrowdStrike Update Failure CrushFTP Unauthenticated HTTP(S) Port Access Cryptocurrency mining Cryptocurrency Payment and Token System Exploit CSPT->JSONP->XSS CSPT->Open Redirect->XSS CSPT2CSRF CSS evasion tactics in spam emails CSS-based evasive phishing CSS-based Evasive Phishing Custom Backdoors (Veaty, Spearal) Custom wmiexec Variant for Lateral Movement CVE-2025-1974 Exploit Data Aggregation and Merging Data Breach Data Breach of SendGrid Data Breach of Tracelo Data Breach via Unauthorized File Download Data Breach via Unknown Means Data Breaches Data Collection and Third-Party Sale Data Exfiltration during Layoffs Data Exfiltration via Malware and Ransomware Data Leak via Commercial Data Services Data Leakage Data Leakage via Unsecured GenAI Apps Data Mixing Exploit in T-Mobile SyncUP Data Poisoning Data Poisoning/Model Manipulation/Data Leakage Data Scraping Data_Exfiltration DDoS attacks DDoS Attacks Decrypt Later Deepfake Attacks Deepfake Generation and Distribution Deepfake Generation Exploit Deepfake Social Engineering and Financial Fraud Deepfakes and AI-Fueled Attacks Default Credentials Exploit Default Password Authentication Bypass Denial of Service (DoS) and Remote Code Execution (RCE) in Sungrow Products Denial of Service via Repeated Restarts Denial-of-Service (DoS) via Cache Poisoning DFSCoerce Difficulty in Uninstalling/Disabling SafetyCore Disabling Target Security Solutions Disinformation Campaign Targeting 2024 Elections Distribution of Infostealer Logs via Telegram DLL Side-loading DLL Side-Loading DLL Side-Loading via ADNotificationManager.exe DLL Side-Loading via Screensaver in IMG File DLL side-loading with renamed Microsoft Office IME executable DLL Sideloading DLL Sideloading via Adobe Executable DNS Attacks (Sitting Ducks) DNS MX Record Abuse for Phishing Page Delivery DNS MX Record Exploitation (Morphing Meerkat) DNS MX Record Exploitation for Phishing DNS MX Record Exploitation for Targeted Phishing DNS MX Record Spoofing for Phishing DNS Tunneling DocuSign_Link_Expiration_Exploit Domain Hijacking Domain Hijacking of microsoftstream.com DOMPurify Bypass Drive-by Compromise via Phishing Email Drive-by Malware Downloads DWFX File Parsing Exploit DWFX File Parsing RCE DWFX_File_Parsing_RCE E-ZPass Phishing via SMS Easy Anti-Cheat Incompatibility EDR Kill Chain Disruption EDRKillShifter Email Account Compromise Email Account Hacking Email Encryption Ineffectiveness Encrypted Socket Communication Endpoint Attack on Signal Eramba Authenticated Remote Code Execution Evasive Malware through Code Attribute Modification EventLogCrasher Evilginx AitM Attack Evilginx Attack Evilginx-based MFA bypass Excessive and Random Permissions in AndroidManifest.xml Expired Domain Takeover Exploit of CALEA Mandates Exploit of Current Encryption Protocols by Future Quantum Computers Exploitation of End-of-Life Devices Exploitation of Fortinet Firewall flaws Exploitation of Known Exploited Vulnerabilities Exploitation of Known Exploited Vulnerabilities (KEVs) Exploitation of Leaked Credentials Exploitation of Misconfigured HMI Systems in Water Facilities Exploitation of new Apache Tomcat flaw Exploitation of Outdated High-Risk Applications Exploitation of outdated Microsoft Exchange and Windows Server endpoints Exploitation of recently disclosed Palo Alto Networks PAN-OS firewalls bug Exploitation of Unpatched Software Vulnerabilities Exploitation of Unpatched VPN Appliance Exploitation of Unpatched Vulnerabilities Exploitation of Unsecured Digital Signage Exploitation of Vulnerabilities in the Wild Exploitation of Vulnerable Credentials Exploiting Device Driver or Firmware Vulnerabilities Exploiting Pioneer DMH-WT7600NEX Car Infotainment System Exploits related to Pentagon infrastructure Exposure of Personal Information of US Security Officials Exposure of Venmo Accounts Extortion using stolen data Facial Recognition System Bias Facial Recognition to Identify Victims Fake DeepSeek Ads Malware Fake DeepSeek Google Ads Fake Google Ads Leading to Malware Download Fake Invoice Scam with Remote Access Trojan Fake Online Storefronts and Seller Profiles FakeApp Malware Campaign False NIST SP 800-171 Self-Assessment Fast Flux DNS Fast Flux DNS Technique Faulty CrowdStrike Driver Update Exploit FIN7's Anubis backdoor Find My Network Exploitation Forced Browsing Vulnerability (Footage Manipulation) FORCEDENTRY ForumTroll Exploit Fraud Attacks Targeting Financial Institutions FreeType Zero-Day FreeType Zero-Day Exploit Garble Obfuscation Weakness Geo-Fencing Git Tag Override GitHub Action Supply Chain Attack GitHub Actions Supply Chain Attack GitHub Actions Workflow Manipulation GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi Google Chrome Zero-day Exploit Chain Google Docs Phishing with Malware Download Google Forms Abuse for Data Exfiltration Gootloader Delivery via Compromised Legal Templates Government and Private Sector Data Acquisition GPS Jamming GPS Spoofing GPU-Based Packer Evasion Grandoreiro Banking Trojan Grandoreiro Banking Trojan Phishing Campaign Growatt Account Hijacking Growatt and other Vendor Device/Account Takeover Growatt Information Disclosure and Physical Damage Growatt Inverter Cloud-Based Control Hijacking Growatt Inverter Hijacking Growatt Username Enumeration Hacking/Unauthorized Access Hallucination Attacks Hard-coded Credentials Authentication Bypass Hardcoded AWS Key Exploit Hardcoded Credentials in Git Clone Command Harmful Content Generation Harvest Now Hidden Privilege Escalation Hiding WordPress malware in the mu-plugins directory Hijacked Iraqi Government Email Addresses IAM_Token_Harvesting_and_Remote_Command_Execution ICC Profile Parsing Out-Of-Bounds Write Identity Fabrication and Deception Identity Theft Identity Theft and Fraudulent Use of Stolen Identity Document Identity_Theft_and_Insider_Threat IDOR Access Control Vulnerabilities IDOR Exploit for Database Access Iframe Hijacking and Form Modification Iframe Injection and JavaScript Redirection IIS Web Shell Exploit IIS Webshell Deployment IIS Webshell Exploit ImageRunner Impossible Travel Logins Improper Group Management in Signal Improper Password Storage and Server Breaches Improper Privileged Access Grant Improper Use of Signal for Classified Information Inadequate Vulnerability Scanning and Patch Management Inappropriate Personal Information Collection in Apps and Services INC Ransomware Attack Incorrect Credential Rotation Indirect Prompt Injections Ineffective Traditional DLP Methods Info-stealer Malware Exploit Information Disclosure via Splunk Secure Gateway Information Stealing Malware on StreamElements Employee Machine Information-Stealing Campaign in Malaysia Ingress NGINX Controller Vulnerabilities IngressNightmare IngressNightmare Arbitrary Nginx Configuration Injection IngressNightmare Exploit Chain IngressNightmare Exploits IngressNightmare NGINX Vulnerabilities IngressNightmare_Exploit INMemory Web Shell INMemory Web Shell Deployment and Execution Insecure Code Leading to Attacks Insecure Direct Object Reference (IDOR) Insecure Direct Object Reference (IDOR) in Sungrow Products Insecure Password Storage Insecure Retrieval of Temporary Credentials Insecure_Query_Parameters Insider Threat Exploitation via Excessive Data Access Insufficient_VPN_and_other_security_technologies Interlock Ransomware Disguised as Software Updater Invoke-SMBClient with NTLM Hashes IP Spoofing in DDoS Attack iPadOS IPP Protocol Abuse Ivanti Connect Secure zero-day exploit Ivanti Connect Secure Zero-Day Exploit Ivanti Connect Secure zero-day exploitation by UNC5221 Ivanti Connect Secure Zero-Day Exploitation by UNC5221 Jailbreaking of Legitimate AI Tools Jumplump and Corelump Malware Deployment Kidflix CSAM Platform Exploitation Lack of Multi-Factor Authentication Lateral Movement Exploit Lateral Movement using Compromised Credentials Leaked Credentials Exploit Leveraging Valid Accounts for Initial Access LFI_Exploit LFR System Evasion by Covering Faces Living off the Land (LOTL) Techniques Living off the Land Binaries (LOLBins) Living off the Land Techniques (Volt Typhoon) Living-off-the-Land (LOTL) Techniques Living-off-the-Land Techniques (LOLBins) LLM Evasion LNK File Execution and PowerShell Downloader Loan App Scam Local File Include (LFI) Exploit Local File Inclusion (LFI) Exploit Local File Inclusion (LFI) on BlackLock Data Leak Site Local Privilege Escalation via Insecure OpenSSL Configuration Local Privilege Escalation via Missing Root of Trust Local Privilege Escalation via OpenSSL Misconfiguration Low-Severity Attacks for Evasion Lua Obfuscation in Flame Malware Lucid Phishing-as-a-Service Lumma Stealer Magecart Attacks Mailchimp Account Takeover via Phishing Mailchimp Phishing Attack Malicious AI Coding Assistant Rules Malicious Browser Extensions Malicious Code Embedded in AI Models and Software Packages Malicious Code Generation Malicious Document Converter Malicious free online document converters Malicious IP Blocking Malicious Links Compromising Devices Malicious LNK Files Targeting Ukrainian Users Malicious MP4 File Exploitation Malicious npm Package Installation Malicious Package Update Malicious Torrent Exploit Malicious Website Impersonation Maliciously Crafted Exploits in Emails and Websites Malvertising Campaigns Malvertising using Google Ads Malware Classification Evasion by Appending Benign Strings Malware Distribution via Malicious Links Malware to Hijack Messaging and Banking Apps Mamont Android Banking Trojan Man-in-the-Middle Attacks (mitigated by Private Wireless Networks) Manipulating the Device Plugin's Unix Domain Socket Manual Registry Modification Masquerading as Google Chrome Mass Decertification of Voting Machines Medusa Ransomware Exploitation of Unpatched Vulnerabilities Metadata Collection and Sharing in WhatsApp Mirai Botnet DDoS Attack Mirai Botnet Edimax Exploit Mirai Botnet exploiting CVE-2025-1316 Mirai-based Botnet Exploitation Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras Mirai-based botnets exploiting Edimax IP cameras zero-day Misconfiguration Exploit against Telecommunications Company (Weaver Ant) Misconfigurations Exploit Misconfigured Publicly Accessible Database Misleading Domain Registration MMC_MUIPath_Exploit Model Exfiltration Model Extraction (Clone-a-Classifier) Model Inversion (Training Data Extraction) Money Laundering via DeFi Morphing Meerkat Phishing Morphing Meerkat Phishing Kits Morphing Meerkat phishing kits exploit DNS MX records Morphing Meerkat Phishing Kits exploiting DNS MX records MOVEit Transfer and GoAnywhere Exploits MP4 File Parsing Out-of-Bounds Read to Arbitrary Code Execution MP4_File_Parsing_Exploit MSC EvilTwin MSHTA Command Execution Multi-layered cyberattack against Ukrzaliznytsia Multi-layered_Encryption_and_Staged_Execution Multi-Stage Dynamic Loading and Encryption Multi-stage Dynamic Loading and Obfuscation Multi-stage_Attack Multiple Proof-of-Concept Exploits Net.exe for Mapping Shares Network IDS Bypass due to Network Configuration Change Next.js Middleware Auth Bypass Next.js middleware authentication bypass Next.js Middleware Bypass NIST Cybersecurity Control Gaps Nitrogen Ransomware Abuse of truesight.sys Driver NPM Package Hijacking NTLM Hash Exposure via Unpatched Office Flaw NTLM relay attacks NYU Website Defacement OAuth 2.0 Refresh Token Phishing Obfuscation of Malicious Code within .NET MAUI Blobs Obfuscation Techniques in Malware Obfuscation_via_.NET_MAUI_and_Blob_Files Off-Topic Responses One-click phishing attacks exploiting a Chrome zero-day Open Redirect Abuse Open Redirect Exploit on AdTech Infrastructure Open Redirect Exploit on Adtech Platforms Open Redirect Exploits on Ad Tech Platforms Open Redirect Vulnerability in AdTech Infrastructure Operation ForumTroll Opportunistic Attacks on SMEs Oracle Cloud Hack Oracle Cloud Vulnerability Exploit OS Command Injection Out-of-bounds read leading to information disclosure Outlook Crash Exploit (Go to Classic Outlook Button) Outlook Drag-and-Drop Exploit Overlay Attack Overly Permissive IAM Policies Leading to Data Breaches and Malicious Activity Overly-Privileged Compute Engine Service Account Paragon Partition Manager BioNTdrv.sys driver zero-day Paragon Partition Manager Zero-Day Exploit Paragon Spyware Exploiting Zero-Click WhatsApp Flaw Pass-the-hash attacks Password Guessing Password Reuse and Weak Passwords Password Spraying Persistence via Malicious Code Persistent Reverse Shell Injection via Malicious npm Packages Personal Information Exposure via Online Directories Personalized Phishing Attacks PetitPotam Phishing Phishing and 2FA Reset Phishing and Social Engineering Phishing Attack Targeting Mailchimp Users Phishing Attacks Phishing Attacks Targeting Credentials Phishing Attacks with Social Engineering Phishing through Malicious Links Phishing using OTP Codes Phishing via QR Code and Doubleclick.net Redirect Phishing with Double Extensions Phishing with Malicious LNK Files Phishing_Attack_via_Embedded_WebView Phishing_in_MS_Office Phishing_via_Trusted_Platforms Phishing-as-a-Service (PhaaS) Platform Exploitation Phone Service Level Change Physical Social Engineering with AI-assisted OSINT PJobRAT Android Malware PJobRAT Android RAT PJobRAT Android RAT Exploit Planned Data Deletion Poor Vulnerability Scanning and Inadequate Patch Management Port Scanning Exhaustion Post-Exploitation Techniques PostgreSQL flaw chained with BeyondTrust zero-day Potentially Unsecured MongoDB Instance Powershell Backdoor (Power Service) PowerShell Command Injection via Fake CAPTCHA PowerShell Commands without PowerShell Process PowerShell Downloader and DLL Side-Loading PowerShell Privilege Escalation PrinterBug/SpoolSample Privilege Escalation via HostPath Mounts and Root Access Privilege Escalation via Misconfigurations Privilege Escalation via TOCTOU Program Compatibility Assistant (pcalua.exe) Execution Prompt Injection Prompt Injection Attacks Proof-of-Concept Exploit for CVE-2025-2825 (and potentially CVE-2025-31161) Proprietary Email System Failure ProxyLogon Exploit Publicly Available Exploits Targeting Healthcare Organizations Publicly Available Personal Information PWA/WebAPK Phishing Attacks QR_Code_Phishing QuickShell Random Text Printing Exploit (Post-Late January 2025 Updates) Ransomware Attack against Astral Foods Ransomware Attack on Colonial Pipeline Ransomware Attack on KLIA Ransomware Attacks Ransomware Attacks via Third-Party Access Ransomware Exploits Targeting IoMT Devices and Insecure Internet Connectivity Ransomware Exploits Targeting Vulnerable IoMT Devices Ransomware_Infection_via_Malicious_Emails_and_Downloads Rapid Exploitation of Newly Disclosed Vulnerabilities Rclone for Data Exfiltration RDP Disconnection Exploit RDP Disconnection Exploit (Post-January 2025 Updates) RDP Disconnection Exploit (UDP) RDP Freeze Exploit (Windows Server 2025) ReaderUpdate Malware ReaderUpdate Malware Loader Recursive HTTP Tunnel for Lateral Movement Recursive HTTP Tunnel Tool Remote Access Trojan (RAT) Functionality Remote Access Trojan (RAT) via Google Ads Remote Code Execution Remote Code Execution via sys ping Command Injection Remote Code Execution via Unauthorized Access in CrushFTP Remote Desktop Freeze Exploit (Post-February 2025 Updates) Remote Hacking of Inaba Plant Monitoring Cameras Resource Spoofing by Malicious Plugins REST_Interface_DoS RESURGE RESURGE Malware Resurge Malware Deployment Risky Sign-ins Roblox Download Block on Windows ARM Devices Romance Baiting Scam Romance Baiting/Pig Butchering Scam RomCom Exploit Chain Router Manipulation to Cause Network Chaos Rules File Backdoor Rules File Backdoor (AI Code Editors) Rules File Backdoor exploit Rules File Backdoor: AI Code Editors exploited for silent supply chain attacks Russian APT Firefox/Windows Zero-Day Chain S3 Bucket Misconfiguration Salvador Stealer Sandbox Bypass via Mojo Vulnerability Sandbox Escape via Malicious Website Sandbox Escape via Phishing Sandbox Escape via Zero-Day Vulnerabilities in Broadcom Virtual Machine Satellite Control System Compromise Satellite Jamming Satellite Spoofing Scams SCF File NTLM hash disclosure SCF File NTLM Hash Disclosure Search Engine Manipulation for Phishing Sensitive Data Exposure Server-Side Request Forgery (SSRF) Serverless Function Credential Harvesting and Lateral Movement ServiceNow Attack Vectors Shadow AI Shadow Copy Deletion Shodan scanning for vulnerabilities SIEM System Overload due to Increased Log Volume Signal Group Misinvitation Signal Phishing Exploit Silent Installation of SafetyCore SIM Box Fraud SIM Swap Attack SIM Swapping SIM Swapping/SIM Jacking Sleep Obfuscation SMA Sunny Portal .aspx File Upload RCE Smishing Scam with Fake Toll Payment Website SMS_Interception_and_OTP_Theft Sneaky2FA phishing Snowflake Hack Social Engineering Social Engineering Against AI Agents Social Engineering Scams (Impersonation) Social Engineering Scams (Phishing) Social Engineering with Fake Gambling Wins Social Engineering with Fake Security Alerts Social Engineering with Generative AI Software Supply Chain Attacks Sophisticated Exploit of CVE-2025-22457 SPAWN (ecosystem) SPAWN ecosystem malware SPAWNCHIMERA SpawnChimera Malware Deployment SPAWNSLOTH Spoofing Mailchimp Sender Name in Outlook iOS App SSH Backdoor Exploit SSH Tunneling SSRF against AWS Metadata Service SSRF_Exploit_via_XXE Stack Overflow in Sungrow Inverters Communication Dongles StilachiRAT Strategic Lawsuits Against Public Participation (SLAPP) Sungrow Hardcoded Password Sungrow Insecure AES Key and AitM Sungrow Inverter Hijacking Sungrow MQTT Vulnerabilities Supply Chain Attack via Malicious npm Packages Supply Chain Attacks Suprema Biostar 2 Breach Suspicious Mailbox Activity Targeted Attacks Against Older iOS TCP_Socket_C2_Communication Telegram Exploits Telegram_C2_Communication Third-Party Access Exploitation by Ransomware and State-Sponsored Attackers Third-Party Email Provider Misconfiguration Third-Party Vendor Compromise Timing Attack against startsWith TP-Link flaw exploited by Ballista Botnet Traditional Pattern Matching and Keyword Limitations TRAILBLAZE dropper and BRUSHFIRE backdoor Triada RAT Exploit Triada Trojan Pre-installation Trojan Horse Attack (Simulated) Troy Hunt Phishing Attack Typosquatting UAC Bypass Unauthenticated Access Exploit Unauthenticated Access to BEC Technologies Routers Unauthenticated Access to Public GitLab Data via GraphQL API Unauthenticated HTTP(S) Port Access Unauthenticated Oracle Access Manager Compromise Unauthenticated RCE via Misconfigured PostgreSQL Unauthenticated Remote Login via Static Credentials Unauthorized Access and Data Manipulation Unauthorized Access by DOGE Unauthorized Access to Sensitive Information via Unsecured Messaging App Unauthorized Access to Third-Party Patient Management Software Unauthorized Application Installation Unauthorized Data Access in T-Mobile 2021 Breach Unauthorized Self-Authorization in Salesforce UNC5221 Exploit (CVE-2025-0282) UNC5221 Exploit Chain (CVE-2023-46805 & CVE-2024-21887) UNC5221 Exploit of CVE-2025-22457 UNC5221_Exploit_of_CVE-2025-22457 Undisclosed Oracle Cloud Vulnerability Exploit Unknown Exploit Chained with CVE-2025-2783 Unpatched Known Vulnerabilities Unprotected AWS S3 Bucket Exploit Unprotected Google Cloud Storage Bucket Unsecured Amazon S3 Bucket Unsecured Database Exposure Unsecured Signal Communication for Sensitive Military Planning Unspecified Atop Exploit Unspecified Exploit leveraging CVE-2025-2783 Unverified JWT Payload in Call Log Retrieval API URL Redirection Exploit USB_Malicious_Update_Package Use of less common programming languages to evade static analysis Use of Signal for Concealing Government Communications User-Agent Header Injection for RCE VanHelsing Ransomware Veeam Recovery Media Incompatibility with Windows 11 KB5051987 Update Venmo Data Exposure Venmo Friend List Exposure Venmo Public Profile Exploitation Viasat KA-SAT Satellite Attack ViewState Code Injection ViewState code injection attacks Virtual Machine Vulnerabilities Vishing Vivaldi Browser VPN Limited Scope VPN_Application_Incompatibility VPN_Leak VPN_Resource_Exhaustion WAV File Parsing Exploit Weak or Nonexistent Obfuscation Weak Password Exploitation Weak Password Exploitation in MFA Weak Password Requirements and Forced Browsing Weak Passwords Weaponization of Federal Funding and Resources Web Shell Deployment on IIS Server Web Shell Tunneling Web Skimming with Deprecated Stripe API WebKit Flaw WebKit Zero-Day Exploit (Apple iOS) Widespread DrayTek Router Reboots Windows 11 24H2 Network Connectivity Issues Windows 11 24H2 Network Visibility Issue Windows Cloud File Mini Filer Driver Heap Overflow LPE Windows Fibers Windows Zero-Day Windows Zero-Day Exploit (Russian Ransomware Gang) WordPress Plugin Injection and Redirect Script WordPress Plugin Vulnerability Exploit XSS to RCE via Custom File Handler and Unauthenticated File Upload XWiki Search OS Command Injection XXE_Exploit YouTube Link Manipulation ysoserial.exe exploit Zero-day authentication bypass in PAN-OS Zero-day exploits and malicious malware
Vulnerabilities All CVE-2015-5177 CVE-2015-5221 CVE-2016-3177 CVE-2017-11882 CVE-2019-9874 CVE-2019-9875 CVE-2020-27212 CVE-2020-8515 CVE-2021-20123 CVE-2021-20124 CVE-2021-34473 CVE-2021-35587 CVE-2021-44228 CVE-2022-24999 CVE-2022-30190 CVE-2022-4046 CVE-2023-27532 CVE-2023-34048 CVE-2023-35082 CVE-2023-36255 CVE-2023-37545 CVE-2023-37546 CVE-2023-37547 CVE-2023-37548 CVE-2023-37549 CVE-2023-37550 CVE-2023-37552 CVE-2023-37553 CVE-2023-37554 CVE-2023-37555 CVE-2023-37556 CVE-2023-37557 CVE-2023-37558 CVE-2023-37559 CVE-2023-40680 CVE-2023-41061 CVE-2023-41064 CVE-2023-43177 CVE-2023-46805 CVE-2023-4863 CVE-2023-49103 CVE-2023-4966 CVE-2023-5123 CVE-2024-10037 CVE-2024-10206 CVE-2024-10207 CVE-2024-10208 CVE-2024-10209 CVE-2024-10210 CVE-2024-10487 CVE-2024-11499 CVE-2024-12169 CVE-2024-12797 CVE-2024-20439 CVE-2024-20440 CVE-2024-21887 CVE-2024-21894 CVE-2024-25600 CVE-2024-26170 CVE-2024-27956 CVE-2024-28995 CVE-2024-30085 CVE-2024-37085 CVE-2024-3721 CVE-2024-38271 CVE-2024-38272 CVE-2024-38812 CVE-2024-38813 CVE-2024-4040 CVE-2024-4345 CVE-2024-44243 CVE-2024-45480 CVE-2024-45481 CVE-2024-45482 CVE-2024-45483 CVE-2024-45484 CVE-2024-4577 CVE-2024-4761 CVE-2024-49039 CVE-2024-50623 CVE-2024-50685 CVE-2024-50686 CVE-2024-50692 CVE-2024-50693 CVE-2024-50694 CVE-2024-50695 CVE-2024-50698 CVE-2024-55963 CVE-2024-55964 CVE-2024-55965 CVE-2024-8313 CVE-2024-8314 CVE-2024-8315 CVE-2024-8353 CVE-2024-9680 CVE-2025-0111 CVE-2025-0282 CVE-2025-0283 CVE-2025-0731 CVE-2025-1097 CVE-2025-1098 CVE-2025-1316 CVE-2025-1445 CVE-2025-1449 CVE-2025-1658 CVE-2025-1659 CVE-2025-1660 CVE-2025-1974 CVE-2025-20229 CVE-2025-21308 CVE-2025-21377 CVE-2025-22224 CVE-2025-22225 CVE-2025-22226 CVE-2025-22230 CVE-2025-22457 CVE-2025-23120 CVE-2025-24085 CVE-2025-24182 CVE-2025-24185 CVE-2025-24190 CVE-2025-24200 CVE-2025-24201 CVE-2025-24210 CVE-2025-24211 CVE-2025-24230 CVE-2025-24243 CVE-2025-24244 CVE-2025-24256 CVE-2025-24513 CVE-2025-24514 CVE-2025-24517 CVE-2025-24799 CVE-2025-24813 CVE-2025-24852 CVE-2025-24983 CVE-2025-25211 CVE-2025-26512 CVE-2025-26633 CVE-2025-26689 CVE-2025-27218 CVE-2025-2748 CVE-2025-2762 CVE-2025-2763 CVE-2025-27631 CVE-2025-27632 CVE-2025-27633 CVE-2025-27636 CVE-2025-2764 CVE-2025-2765 CVE-2025-2766 CVE-2025-2767 CVE-2025-2768 CVE-2025-2769 CVE-2025-2770 CVE-2025-2771 CVE-2025-2772 CVE-2025-2773 CVE-2025-2783 CVE-2025-2825 CVE-2025-2857 CVE-2025-29891 CVE-2025-29927 CVE-2025-30154 CVE-2025-31161
MITRE ATT&CK TTP All "context": "The article explicitly describes the exploitation of a publicly exposed application (Ingress-NGINX admission controller) through the injection of malicious ingress objects. This leads to remote code execution (RCE) on the controller's pod due to a vulnerability in the configuration validation process." "contradictions": "None. The article clearly supports this technique." } "During the configuration validation phase "Exploitation for Client Execution: T1203 "independent_analysis": "The vulnerability resides in the public-facing component "When the Ingress-NGINX admission controller processes an incoming ingress object Access control weaknesses Accessibility Service: T1106 allowing remote code execution (RCE) on the Ingress NGINX Controller’s pod."] Application Layer Protocol: T1071 Brute Force Attacks: T1059 by sending a malicious ingress object directly to the admission controller through the network” Cloud Accounts: T1078 Cloud Accounts: T1078.004 Command and Scripting Interpreter: T1059 Compromised Credentials: T1552 Configuration Drift: T1562 Content Injection: T1659 Credential from Password Stores: T1555 Credentials from Password Stores: T1555 Data Breach: T1490 Data Encrypted for Impact: T1486 Data Poisoning Attacks: T1659 Denial of Service: T1486 Deobfuscate/Decode Files or Information: T1140 Drive-by Compromise: T1189 Drive-By Compromise: T1189 Email Forwarding Rule: T1114.003 Exploit Public-Facing Application: T1190 Exploitation for Client Execution: T1203 Exploitation for Privilege Escalation: T1068 Exploitation for Remote Code Execution: T1203 Exploitation for Remote Services: T1210 Exploitation of Remote Services: T1210 External Remote Services: T1133 File and Directory Discovery: T1083 HostPath Hardening: T1562 Impair Defenses: T1562 Indicator Removal: T1070 Ingress Tool Transfer: T1105 Inhibit System Recovery: T1490 Input Capture: T1056 it constructs an NGINX configuration from it and then validates it using the NGINX binary. Our team found a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely Lateral Tool Transfer: T1570 Modify Registry: T1112 Native API: T1106 Non-Application Layer Protocol: T1095 Obfuscate Files or Information: T1027 Obfuscate/Decode Files or Information: T1027 Obfuscate/Decode Files or Information: T1140 Obfuscated Files or Information: T1027 Obfuscation Files or Information: T1027 OS Credential Dumping: T1003 Overly Permissive IAM Policies: T1552 Phishing: T1566 PowerShell: T1059.001 Process Injection: T1055 Proxy: T1090 quotes": ["Because the software’s admission controllers are typically exposed to the public internet Ransomware: T1486 Remote Code Execution (RCE): T1021 Remote Code Execution: T1203 Remote Services: T1021 Scheduled Task/Job: T1053 Service Stop: T1489 Smishing: T1566 Social Engineering: T1566 Spearphishing Attachment: T1193 Spearphishing Link: T1192 Supply Chain Compromise: T1195 System Information Discovery: T1082 the admission controller the injected NGINX configuration causes the NGINX validator to execute code they are at “critical risk” of attack" Trusted Relationship: T1199 ttp": { "items": { "Exploit Public-Facing Application: T1190 Unsecured Credentials: T1552 Valid Accounts: T1078 Vishing: T1566 Weak Password Requirement: T1552 which processes incoming requests. Malicious requests leverage a flaw in the NGINX configuration validation to execute arbitrary code. The public exposure is a critical element enabling the attack." Windows Command Shell: T1059.003 Windows Management Instrumentation: T1047
Exploited Software All .NET MAUI .NET web shell .NET webshell @bithighlander/bitcoin-cash-js-lib @coinmasters/types @crosswise-finance1/sdk-v2 @ethersproject/providers @keepkey/device-protocol @travix/ui-themes @veniceswap/eslint-config-pancake @veniceswap/uikit 23andMe's internal systems 276 crypto wallets 70mai A510 aa-exec Aadhaar (India’s national identification system) ABB Products with enabled REST interface AbyssWorker (smuol.sys) Accelion FTA Accellion FTA Accessibility Active Directory ADNotificationManager.exe Adobe Adobe Executable (Vulnerable to DLL sideloading) Advanced Health and Care Limited Software AI applications and agents Amazon S3 Amazon Website Anchor/Rust Android Android Applications Android Camera App (version 8 and above) Android malware Android RCS Android System SafetyCore AnyDesk, Quick Assist, and TeamViewer AOL AOL dial-up service (circa 2005) Apache Camel Apache Tomcat APIs Appian Cloud AppianCloud Apple macOS Apple macOS AudioToolbox Apple macOS AudioToolboxCore Apple macOS CoreGraphics Apple macOS CoreText Apple products Apple Products AppleIntelKBLGraphics kext Applications with SSRF vulnerabilities Appsmith AresLoader AresLoader Malware Arista NG Firewall atop AutoCAD Autodesk AutoCAD 2022 Autodesk Navisworks Freedom Avi Load Balancer AWS Metadata Service AWS S3 AWS SQS B&R APROL <4.4-00P1 B&R APROL <4.4-00P5 B&R APROL <4.4-01 babel-preset-travix Banking Apps Bdrive Bdrive NetDrive BEC Technologies Multiple Routers BEC Technologies Routers BlackLock Data Leak Site BlackLock Ransomware Data Leak Site (DLS) bnb-javascript-sdk-nobroadcast Border Gateway Protocol (BGP) boto3 Bricks theme Broadcom Software (unspecified) Browser Extensions busybox BusyBox C# Canva CarlinKit CPC200-CCPA CChat Cerner Data Migration Servers (Oracle Health) Cerner legacy data migration servers Cerner's legacy server ChatGPT Check-in counter systems China Chopper China Chopper web shell CHOCO TEI WATCHER Chrome Chrome (unspecified version) Chrome Store OAuth Chrome Web Store Extensions (Unspecified) Chromecast (on Android TV) Chromium-based browsers (Edge, Brave, Vivaldi, Opera) cimfs.sys Cisco firewalls Cisco Smart Licensing Utility Citrix Citrix Components Citrix Session Recording Agent (SRA) version 2411 Citrix ShareFile Citrix, Cisco, Fortinet, GlobalProtect, SonicWall VPN services, and Microsoft Remote Desktop Web (RDWeb) cldflt.sys (Windows Cloud Files Mini Filer Driver) Cleo Cleo Harmony Cleo LexiCom Cleo secure file transfer software Cleo software Cleo VLTrader ClipBanker, Grandoreiro, CliptoShuffler, BitStealer (PC Malware) Cloud IAM Tokens cloud infrastructure Cloud infrastructure Cloud Storage Services Cloudflare Cloudflare DoH Cloudflare R2 Cobalt Strike CODESYS Runtime Colonial Pipeline's corporate systems Commix ConnectWise Corelump Malware CosmosSDK country-currency-map Crocodilus CrowdStrike CrowdStrike Driver (Unspecified Version) CrowdStrike Falcon (driver) CrushFTP CrushFTP v10 CrushFTP v11 Cryptocurrency Wallets curl Cylance AI-powered AV product DeepSeek DeepSeek generative AI software DeFi protocols Delphi Delphi-based executable Digital Signage Systems DNS Servers Docker DocuSign DOMPurify DoubleClick DrayTek devices DrayTek Routers Dropbox DuckDuckGo Easy Anti-Cheat eBay Edimax Camera EDRKillShifter Eight Sleep Pod Firmware Electron Email Clients (Unspecified) Email Software (Unspecified) End-of-Life (EOL) Devices Eramba (up to 3.19.1) eslint-config-travix ESP32 Chip Ethereum ethers ethers-provider2 ethers-providerz Event Tracing for Windows (ETW) and Antimalware Scan Interface (AMSI) evilginx Explorer.exe Facebook/Meta file transfer software File transfer software Firefox Firefox (unspecified version) Flight information display systems FortiClient VPN software FortiGate Firewall Fortinet FortiOS FraudGPT FreeType Garble Generic Retail Firm's Computer and Payment System (Unspecified) GenNomis GenNomis AI image generation tools GenNomis AI-powered image generation platform Giflib GitHub Actions GitHub CodeQL GitHub Copilot GitHub Copilot and Cursor GitLab GiveWP plugin GLPI <= 1.0.18 (with Inventory Plugin) Gmail Gmail, Outlook, AOL, Office 365, Yahoo GMX GMX.de GNSS receiver software Go GoAnywhere GoAnywhere MFT Golang GolangGhost Google Ads Google Ads Platform Google Artifact Registry Google Authenticator Google Chrome Google Chrome (unspecified version) Google Cloud Run Google Container Registry Google Docs Google DoubleClick Google Drive Google Drive, Dropbox, OneDrive Google Forms Google Gemini Google Public DNS Google Quick Share Google Workspace Sync GPS Systems GPT-J Grafana Grammarly Growatt evcharge.growatt.com/ocpp endpoint Growatt Inverters Growatt server-api.growatt.com/newPlantAPI.do endpoint Growatt server-api.growatt.com/newTwoEicAPI.do endpoint Growatt server.growatt.com/userCenter.do endpoint Growatt Solar Power System Products Heracles MSIL Trojan Hitachi Energy RTU500 Hotmail HTTPS Certificates Hyper-V Hypervisors IAM Applications IIS Server ImageIO (CVE-2023-41064) iMessage Inaba Choco Tei Watcher Mini (IB-MCT001) Inaba Plant Monitoring Cameras IndusInd Bank app (Android) Info-stealer malware Ingress Nginx Controller Ingress NGINX Controller Ingress NGINX Controller for Kubernetes ingress-nginx Ingress-Nginx Controller INMemory INMemory web shell Intel Smart Sound Technology (Intel SST) drivers (versions 10.29.0.5152 or 10.30.0.5152) Internet Archive infrastructure Internet Information Services (IIS) Internet-of-Medical-Things (IoMT) devices Investment Applications Invoke-SMBClient PowerShell module IoMT devices IoMT Devices iOS iOS (before 17.2) iOS 16.6 iOS 18.4 iOS Apps (BDSM People, Chica, Pink, Brish, Translove) IoT and OT Devices iPadOS (before 17.2) Iraqi government email system Ivanti Connect Secure Ivanti Connect Secure (ICS) Ivanti Neurons for ZTA gateways Ivanti Policy Secure Ivanti software (unspecified) Ivanti ZTA Gateways JasPer JPEG-2000 Java (pre-2020 patch) Javascript (.js) Jumplump Malware Juniper Routers Juniper Routers (End-of-Life) Juniper Session Smart Networking Platform (SSR) Kaspersky Kentico Xperience CMS Kidflix KidFlix Kubernetes Kubernetes Device Plugins Kubernetes Service Accounts LastPass Legacy Windows and Linux Operating Systems Linux Linux Stealer Log4j 2 (Log4Shell) macOS Sonoma (before 14.7.5) macOS Ventura (before 13.7.5) Mail.com Mailchimp Malaysia Airports Holdings Berhad (MAHB) systems Mamona Ransomware Data Leak Site (DLS) Mamont (Android Malware) Mastercard Website Medusa Ransomware Mega Messaging and banking apps Messaging Applications Metropolitan Police Database Microsoft Microsoft 365 Microsoft 365 (M365) Microsoft Account Login Microsoft Accounts Microsoft Edge Microsoft Entra ID Microsoft Equation Editor Microsoft Exchange Microsoft Exchange Server Microsoft Management Console (MMC) Microsoft Management Console (MSC) Microsoft Office Microsoft Office (Word and Excel) Microsoft Office 365 Microsoft Office IME executable Microsoft Outlook (Classic) Microsoft Outlook (New) Microsoft Products Microsoft SharePoint Microsoft Support Diagnostic Tool (MSDT) Microsoft Teams Microsoft Windows Microsoft Windows Hello for Business Microsoft Word (.docx) Mirai Mirai Botnet (Moobot variant) Mobile Banking Applications MongoDB Most Browsers MOVEit Transfer Mozilla Firefox MS4Killer Nautilus NetApp SnapCenter NetDrive Netflix Network IDS (Intrusion Detection System) Next.js Next.js web framework nginx NGINX Nmap Node.js NSW Online Registry Website (ORW) Numotion employee email accounts NYU Website Office 365 OpenAI's Redis client open-source library OpenSLP Oracle Access Manager Oracle Classic (Generation 1 Oracle Cloud Infrastructure) Oracle Cloud Oracle Cloud Classic (Gen 1) Oracle Cloud federated SSO login servers Oracle Cloud Infrastructure (OCI) login servers Oracle Fusion Middleware Oracle Fusion Middleware 11g Oracle Fusion Middleware OpenSSO Agent Oracle Identity Manager (IDM) OT Automation Systems OT devices Outlook Outlook iOS app Over 1,500 banking applications and websites Palo Alto Networks GlobalProtect VPN PAN-OS PayPal Website pcalua.exe Pioneer DMH-WT7600NEX PJobRAT Point-of-Sale (PoS) Systems Powershell PowerShell PrestaShop Progressive Web Apps (PWAs) Proprietary Mortgage Lender Email System Protective DNS (PDNS) Services Pulse Connect Secure Pulse Connect Secure 9.x Python Rclone RCS RDP RDP (Remote Desktop Protocol) and VNC (Virtual Network Computing) React ReaderUpdate Redis Remcos Remote Monitoring and Management (RMM) Software Reviewdog reviewdog/action-setup Roblox Roblox (on Windows Arm devices) Rust SaaS Applications (Unspecified) Salesforce Samba Services Manager (Sony Bravia TVs) SangaalLite ScreenConnect Secure Shell (SSH) SendGrid Serverless Functions ServiceNow ShadowPad SharePoint SIEM (Security Information and Event Management) system Signal Sitecore Sitecore CMS and Experience Platform (XP) SketchUp SMA Inverters SMA Solar Power System Products SMA Sunny Portal (via sunnyportal.com) SMA sunnyportal(.com) Smart TVs (various brands including LG, Sony, TCL) SMB (Server Message Block) Snap Builder Snowflake Solana SparrowDoor Spectos Data Collection and Analytics Service Splunk Enterprise Splunk Secure Gateway App SpotBugs ssh2 Staffplan Citrix server Startklar Elementor Addons plugin Steam STMicroelectronics STM32L4 devices StreamElements Order Management System Stripe API Sungrow Android application Sungrow Inverters Sungrow MQTT message handling Sungrow Solar Power System Products Sungrow WiNet WebUI SunPass, E-ZPass, EZDrive Massachusetts Suprema's Biostar 2 platform Symphonica Symphonica system System.Management.Automation.dll T-Mobile SyncUP T-Mobile Systems Tailwind CSS Telecom Infrastructure Telecommunications Switching Infrastructure (with CALEA interfaces) Telegram Telegram Bot API Third-party patient check-in software TivoDiag.exe tj-actions/changed-files GitHub Action tj-actions/eslint-changed-files Tor Browser TOR-based data leak site (DLS) TradingView (cracked versions) Triada Trojan TRMTracker TRON truesight.sys Twilio Authy Twitter (X) Two-Factor Authentication (2FA) System U.S. Government and Military-linked Infrastructure Ubuntu Ubuntu 24.04 Ubuntu 24.04 LTS Ubuntu Linux 23.10 Ubuntu Linux 24.04 UltraViewer Unspecified Advanced Computer Software Group Products Unspecified Application Unspecified Astral Foods Systems Unspecified Clipboard Accessing Malware Unspecified Customer Account Management Software Unspecified Election Infrastructure Software Unspecified Email Services Unspecified End-of-Life Software Unspecified fraudulent websites/apps Unspecified Information-Stealing Malware Unspecified Misconfigured Software Unspecified Remote Access Malware Unspecified social media apps and mini-apps Unspecified Software Development Kits (SDKs) Unspecified U.S. Treasury Department Payment Systems Unspecified USB Flash Drives Unspecified Vulnerable Driver Unspecified Wearables and Smart Home Products Unspecified Web Applications Unspecified Webcasting Software Unspecified Windows Trojan (Malware.AI.1323738514) VanHelsing Ransomware Various Gen-AI applications (ChatGPT, Copilot, DeepSeek, Gemini) Various Online Shopping Platforms (eBay, Shopify, Spotify, Mercado Libre, Alibaba, Apple, Netflix, Adidas, Ozon) Various SaaS applications (unnamed) Veeam Agent for Windows Veeam Backup and Replication Veeam Cloud Backup Venmo Verizon Call Filter Android app Verizon Call Filter iOS app Vertex AI Workbench Verve Asset Manager Viasat KA-SAT satellite system Visual Basic Script VMware Aria Operations VMware ESXi VMware Tools for Windows VMware Tools for Windows v12.5.1 VMware vCenter Server Voting Machines VPN Appliances VPNs Vulnerable Drivers (BYOVD) W3C CSS Validator Wallet (CVE-2023-41061) Web Android Package Kits (WebAPKs) Web Applications (Magecart Attacks) Web Browsers (Unspecified) Web.de WebKit WeTransfer WhatsApp Windows Windows (NTLM) Windows (Zero-Day) Windows 10 (version 22H2) Windows 11 Windows 11 (Unspecified Versions) Windows 11 (versions 22H2 and 23H2) Windows 11 24H2 Windows 11 24H2 (build 26100.3194 or higher) Windows Explorer Windows Media Player (wmplayer.exe) Windows module to execute PowerShell commands Windows PowerShell Windows Server Windows Server 2016 Windows Server 2025 Windows Task Scheduler Windows Win32 Kernel Subsystem WooCommerce WordPress WordPress Automatic Plugin WordPress Plugins X-Wiki xmph_codec.exe XORbot Yahoo Yandex Yoast SEO Plugin Zoho Zoom Zyxel Customer Premises Equipment (CPE) home routers
Involved Countries All Afghanistan Africa Angola Argentina Arkansas Aruba Asia Australia Austria Azerbaijan Belarus Belgium Benin Bolivia Botswana Brazil Burundi California Cambodia Canada China Commonwealth of Independent States (CIS) Congo Côte d'Ivoire Côte d’Ivoire Countries in the Gulf Cooperation Council (GCC) Croatia Cuba Democratic People's Republic of Korea (DPRK) Denmark DPRK DPRK (North Korea) Estonia EU Europe European Union European Union (implied) Finland France Germany Greece Guatemala Honduras Hong Kong Hungary India Indonesia Iran Iraq Ireland Israel Italy Japan Jordan Kazakhstan Kyrgyzstan Lithuania Louisiana Madagascar Malaysia Massachusetts Mauritania Mexico Michigan Morocco Myanmar Netherlands Nevada New Zealand Nicaragua Nigeria North Carolina North Korea North Korea (DPRK) Norway Ohio Pakistan Palestine Paraguay Pennsylvania Peru Poland Portugal Romania Russia Rwanda Saudi Arabia Serbia Singapore Slovakia Slovenia South Africa South Korea Spain Sweden Switzerland Syria Taiwan Tajikistan Thailand Togo Tunisia Turkey Turkmenistan U.S. UAE UK Ukraine United Arab Emirates United Kingdom United States United States of America Uruguay US USA Utah Uzbekistan Venezuela Vietnam Yemen Zambia
Affected Industries All Academia Academia/Higher Education Accommodation Accounting and Payroll Services Ad Tech AdTech Advertising Advertising Networks Advertising Technology Aerospace Aerospace engineering AI Image Generation AI Security Air Freight & Logistics Airline Antivirus Software Industry Antivirus/Endpoint Detection and Response (EDR) Software Industry API Security industry Artificial Intelligence (AI) Automotive Automotive Industry (Self-Driving Cars) Automotive/IoT Automotive/Telematics Aviation Aviation/Airport Operations Banking Banking Organizations Banks (Financial Institutions) Beauty and Cosmetics Biometrics Biotech Blockchain Development Blockchain Technology Blockchain Technology/Cryptocurrency Bot Development Bot Management industry Building Management Businesses (Canada) Capital Markets Centralized Finance (CeFi) Certification Authority (CA) Industry Child Protective Services Civil Society Organizations Cloud Backup Services Cloud Computing Cloud Services Cloud Storage Cloud Storage Services Commercial Satellites Computing Infrastructure Construction Construction & Engineering Content Management System (CMS) Development Content Management Systems (CMS) Corporate/Server Infrastructure Courier Services Critical Infrastructure Critical National Infrastructure Crypto Cryptocurrency Cryptocurrency Exchange Cryptocurrency Trading Cryptography and Cybersecurity Research Customer Relationship Management (CRM) Cybersecurity Cybersecurity Research Cybersecurity Service Providers Cybersecurity Services Data Analytics Data Backup and Recovery Data Backup and Recovery Industry Data Brokerage Data Brokering Database Administration Dating App Dating Apps Dating Services Decentralized Finance (DeFi) Defense Defense contracting Defense Industrial Base Defense Industrial Base (DIB) companies Digital Platforms Digital Signage Discrete Manufacturing Distribution Domain Name System (DNS) Services Domain Registrar Industry Domain Registrars Domain Registration and DNS Services E-commerce Education Election Technology Election Technology and Infrastructure Electronic Toll Collection Email and Messaging Services Email Hosting/Cloud Computing Email Marketing Services Email Marketing/Newsletter Services Email Providers Email Security Email Service Providers Email Service Providers (ESPs) Email Services Embedded Devices/Industrial Control Systems (ICS) Emergency Services Employment Services/HR Endpoint Security Energy Energy (Pipeline) Energy (specifically Oil and Gas) Energy and Utilities Energy Grids Energy Sector Energy, Oil & Gas, and Utilities Engineering Engineering and construction Enterprise Enterprise Monitoring Enterprise/Businesses Entertainment Entertainment/Media Fashion Federal Civilian Executive Branch (FCEB) Agencies Federal Government Institutions (Canada) Federal/Central Government File Transfer File Transfer and Sharing Solutions File Transfer Protocol (FTP) Software File Transfer Server Operators File Transfer Services File Transfer Software File Transfer Software Providers File Transfer Software/IT File Transfer Software/Services Finance Finance (Cryptocurrency) Financial institutions Financial Institutions Financial Services Financial Services (Banking) Financial Services (Broader) Financial Services (Credit Unions) Financial Services Software Fintech Food and Beverage Food and Staples Retailing Food Delivery Services Food Service Fraud Prevention Gambling Gaming Gaming Industry Genetic Testing Genetic Testing and Research Government Government (Federal) Government (Justice System) Government (Postal Services) Government (State and Local) Government (US) Government Agencies Government organizations Government/Federal Agencies (US) Government/Military Government/National Security GPS Tracking Device Manufacturing Hardware Industry Health Insurance Healthcare Healthcare and Insurance Healthcare Providers Higher Education Hospitality Hosting Hotels Human Resources Human Resources (HR) HVAC Identity and Access Management (IAM) Image and Video Delivery Incident Response Industrial Automation Industrial Conglomerates Industrial Control Systems (ICS) Industrial Internet of Things (IIoT) Industrial products and services Industrial Real Estate Information Security Information Technology Information Technology (IT Services) Information Technology (IT) Information technology (IT) or technology consulting Information Technology/Software Insurance Intelligence Internet Archive/Digital Preservation Internet of Things (IoT) Internet of Things (IoT) Security Internet Security Internet Service Providers (ISPs) Investment Investment Services IT IT Administration IT and Cybersecurity IT and Software IT Infrastructure IT Security IT Service Management IT Services IT Software IT/Cybersecurity IT/Software IT/Technology Journalism/Media Labor Unions Law Enforcement Law Firms Law services and consulting Legal Legal Professionals Legal Services Legal/Government Services Life Sciences Live Streaming Logistics Logistics Shipping Services Machine Learning (ML) Managed Service Providers (MSPs) Manufacturing Manufacturing (Production Line Monitoring) Maritime Media Media (Journalism) Media & Entertainment Media and Entertainment Media and social media companies Media Organizations Medical Device Manufacturing Messaging Apps Military Mobile Banking Mobile Phone Manufacturing Multinational Companies Multinational corporations Network Security Networking Equipment Networking Equipment Manufacturing Networking/Cybersecurity Observability Tools Oil and Gas Online Casinos Online Dating Apps Online Directory Services Online Gambling/Casinos Online Retail Operational Technology (OT) Organizations Supporting the IDF Password Management Payment Processing Pharmaceutical Point-of-Sale (PoS) Systems Postal Services Poultry Power Grid Power Grid Industry Power Grid/Energy Printing Industry Private Firms Private Forensic Firms Protective DNS (PDNS) Providers Public Sector/Government Quantum Computing Rail Transportation Recruitment Regtech Remote Monitoring and Management (RMM) Software Renewable Energy (Solar Power) Research Restaurant Industry Retail Retail (Fashion) Retail & Hospitality Retail and Hospitality Retail, wholesale and distribution Satellite Communications Scientific Computing Search Engines Secure File Transfer Software Security Security Guard Services Semiconductor Assembly and Test (OSAT) Semiconductors Shipping Small and Medium Businesses (SMBs) Small and Medium-sized Businesses (SMBs) Smart Home Security Smart Home Technology Smart TV Manufacturing Social Media Social Networking Software Software (specifically Backup and Replication software) Software and IT Services Software and Technology Software as a Service (SaaS) Software Browser Industry Software Companies (Chinese) Software Development Software Development/Cybersecurity Software Development/GitHub Actions Software Development/Web Application Development Software Development/Web Development Software Industry Software Security Software Supply Chain Software/Application Development Software/CMS Software/Content Management Systems Software/IT Security Software/Managed Services Software/Technology Software/Virtualization Solar Energy Solar Energy Industry Solar Power Industry Space State and Local Government Streaming Services Supercomputing Surveillance Technology Tax Services Technology Technology (Messaging Apps) Technology (Software as a Service) Technology (Software) Technology (Software/SaaS) Technology Services Telecom Telecom Providers Telecommunications Telecommunications (5G) Telecommunications/Networking Trade Associations/Groups Traditional Finance Transportation Unspecified Industries Venture Capital Video Game Companies VPN VPN and Network Security VPN Appliance Industry VPN Providers VPN Services VPNs Water and Wastewater Wealth Management Wearables and Smart Home Web Application Development Web Application Firewall (WAF) industry Web Application Security Web Application Servers Web Browser Development Web Development Web Development/Software Development Web Hosting Web Hosting (Cloudflare) Web Hosting (Google) Web Hosting/Website Development Web PKI Ecosystem Webcasting/Streaming Website Development and Hosting Website Hosting/Development WordPress