mitre-t1566
976 articles with this tag
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
LOW
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
CRITICAL
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
MEDIUM
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
MEDIUM
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
Russia-aligned crime group Greyvibe extensively uses AI in attacks
AI helps Russian-speaking GreyVibe run five parallel attack chains on Ukrainian targets
Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface
ChatGPT share links abused to host fake outage pages to deliver malware
North Korean hackers Kimsuky target South Korea with new malware variants
New threat actor JINX-0164 targets crypto firms with macOS malware
Íslandsbanki varar við svikapóstum
Varað við svikapóstum frá bankanum
Charter Communications Data Breach Could Impact Nearly 5 Million
Silent Ransom Group Uses In-Person IT Impersonation to Breach Systems
Signal users targeted in backup-stealing phishing attacks
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
Russia-linked threat group put ChatGPT to work from lure to payload
ChatGPT blindly trusts browser content, turning the page into a payload
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
LinkedIn-themed phishing abuses Adobe’s A/B testing platform
Charter Communications data breach affects 4.9 million accounts
GreyVibe hackers use ChatGPT, Gemini to power cyberattacks
BTMOB Android malware service generates custom phishing payloads
FBI warns of fake FIFA websites running World Cup fraud schemes
Russia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge Cyberattacks
Threat Intel: Kemper Corporation Hit by ShinyHunters Salesforce Extortion Campaign (269k Accounts Ingested by HIBP)
Carnival Data Breach Exposed 6 Million People
Cybercriminals sail away with data from 6 million Carnival customers
New BTMOB Android Malware Enables Full Device Takeover
Carnival confirms data breach impacting nearly 6 million
Carnival confirms ShinyHunters cruised off with 6M customer records after April breach
New Threat Actor Jinx-0164 Targets Crypto Developers on macOS
Carnival Cruise confirms data breach affecting nearly 6 million people
Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks
A single typo could derail your World Cup plans
Employees are unknowingly inviting tech support impersonators into firms, says FBI
FBI warns law firms of in-person data theft by Silent Ransom Group
FBI warns US-based law firms to be on the lookout for cybercrime group that steals data in person
Ransomware Actors Show Up In Person to Steal Law Firm Data
AI chatbot recommendations lure users to cryptojacking malware sites
BTMOB Android RAT poses significant threat with easy-to-use builder
How attackers engineer BECs against specific organizations
Latin American Cybercriminals Hoover Up Government Data
FBI: Get to know your IT guy – extortion crews are visiting law firms pretending to be tech support
Grandoreiro Malware and BTMOB RAT Campaigns Target Windows and Android Users
New Phishing Technique - Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault
Hackers are knocking on office doors pretending to be IT staff
Iranian threat group targets US aviation sector with AI-assisted ‘MiniFast’ backdoor
Kali365 phishing kit bypasses MFA and steals Microsoft logins
FBI warns of in-person data theft attacks from extortion gang
Thousands of Fake FIFA Domains Target World Cup Fans
Threat Intel: Lithuania Investigates B2B Credential Misuse Exposing 600,000 National Registry Records
Fake LinkedIn emails abuse Adobe to track victims
FBI: Hackers Sending Operatives in Person to Insert USB Drives and Steal Data
PureLogs Variant Steals Data via Purchase Order Lures
BTMOB: A stealthy RAT burrowing deep into Android devices
Fake AI tool websites used to steal developer data
Formula 1 fans targeted by evolving scams, Bitdefender warns
ShinyHunters extorts Charter Communications after data breach
Charter confirms data breach after ShinyHunters extortion threat
CypherLoc scareware tricks millions into identity theft traps
Detecting Tycoon 2FA AiTM attacks across Entra ID and Google Workspace
FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts – no password required
Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception
Chinese phishing gangs grow into a force to be reckoned with
BTMOB Android RAT Spreads Through No-Code Builder Tooling
Iranian APT Targets Aviation, Software Companies With Updated Tools
185,000 Likely Impacted by 7-Eleven Data Breach
MFA Prompt Bombing: Why Your Second Factor Isn't Saving You
700+ education and tech websites hijacked in huge ClickFix malware campaign
Scammers pretending to be Microsoft had help from US executives
Iran-Linked Hackers Target US Aviation with Phishing and SEO Poisoning Campaign
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
Security experts caution MFA alone can no longer stop threat actors
FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms
FBI Warns 'Kali365' Phishing Kit Hijacks Microsoft 365 OAuth Tokens
2 PhaaS 2 Furious: The Evolution of Chinese-language Phishing Services
Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
Belarus-linked Ghostwriter group targets Ukraine using Prometheus learning platform lures
FBI warns about fast-growing phishing kit targeting Microsoft 365 users
FBI warns of Kali Oauth stealers
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
Facebook scam targets users over 40 with fake Aldi meat box offers
Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict
Smishing Campaigns Scale Mobile Financial Theft Operations
Tracking Iranian APT Screening Serpens’ 2026 Espionage Campaigns
Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload
Microsoft 365 users targeted by new phishing threat that bypasses MFA
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
One Man, One AI, One Fake Persona: Inside the 5-Year Influence and Fraud ‘Patriot Bait’ Campaign
Inside the RaaS Ecosystem: Operators, Affiliates & Attack Tradecraft | Huntress
Storm-2949 actor targets Microsoft 365 and Azure environments
The AiTM problem nobody's architecture actually solves
Poland directs officials to cease Signal use amid cyberattack concerns
QR Code Phishing Surges as Attackers Shift Toward Mobile Tactics
Researchers Warn CypherLoc Scareware Has Targeted Millions of Users
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
Microsoft Self-Service Password Reset abused in Azure data theft attacks
AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks
In stunning display of stupid, secret CISA credentials found in public GitHub repo
How Storm-2949 turned a compromised identity into a cloud-wide breach