mitre-ta0001
7189 articles with this tag
HIGH
CRITICAL
CRITICAL
HIGH
MEDIUM
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
CRITICAL
CRITICAL
MEDIUM
CRITICAL
CRITICAL
CRITICAL
HIGH
CRITICAL
CRITICAL
HIGH
CRITICAL
MEDIUM
MEDIUM
CRITICAL
MEDIUM
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
HIGH
HIGH
HIGH
MEDIUM
HIGH
HIGH
HIGH
HIGH
MEDIUM
CRITICAL
CRITICAL
CRITICAL
HIGH
HIGH
CRITICAL
MEDIUM
HIGH
CRITICAL
HIGH
MEDIUM
MEDIUM
MEDIUM
HIGH
HIGH
HIGH
HIGH
HIGH
HIGH
CRITICAL
HIGH
CRITICAL
HIGH
HIGH
HIGH
MEDIUM
HIGH
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
HIGH
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
CRITICAL
HIGH
CRITICAL
CRITICAL
HIGH
CRITICAL
MEDIUM
MEDIUM
CRITICAL
CRITICAL
HIGH
HIGH
HIGH
CRITICAL
HIGH
HIGH
CRITICAL
HIGH
AI brands as bait: How threat actors are using the AI hype in social engineering
CISA gives agencies 3 days to patch maximum severity Ivanti vulnerability
China-Linked TA4922 Expands Phishing Attacks to U.K., Germany, Italy, and South Africa
Suspected North Korean actors use fake ‘coding assignments’ to steal crypto
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
FBI takes down massive China-based cybercrime network that caused $1.9B in losses
Google sues to dismantle AI-powered cybercrime operation
Novo Nordisk discloses data breach affecting patient and healthcare professional information
10-year-old phpBB vulnerability allows admin account takeover
China-nexus group hid in Linux login system for nearly a decade
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE)
Palo Alto Networks PAN-OS GlobalProtect Authentication Bypass
ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data
Iran-linked group Handala claims to steal Cal Water customer info
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
400+ Arch Linux AUR Packages Hijacked to Install Rust Credential Stealer
phpBB forum fixes auth bypass bug lurking for a decade
Palo Alto Networks PAN-OS GlobalProtect Auth Bypass
CISA Adds One Known Exploited Vulnerability to Catalog
Over 400 Arch Linux packages compromised to push rootkit, infostealer
ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw
Silent Ransom Group: what you need to know
French government’s secure messaging system breached
Vulnérabilité dans Oracle PeopleSoft (12 juin 2026)
Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)
Microsoft has mostly repaired a flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
Google sues China-based scammers over Gemini AI abuse
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
Iranian Cyber Group Handala Claims Cal Water Hack
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
[NEU] [mittel] Synacor Zimbra: Schwachstelle ermöglicht nicht spezifizierten Angriff
[NEU] [mittel] Sonatype Nexus Repository Manager: Schwachstelle ermöglicht Offenlegung von Informationen
[NEU] [hoch] MongoDB: Schwachstelle ermöglicht Denial of Service und Offenlegung von Informationen
[NEU] [mittel] MISP: Mehrere Schwachstellen
[NEU] [mittel] QEMU: Schwachstelle ermöglicht Denial of Service
[NEU] [hoch] VMware Tanzu Spring Cloud Gateway Server und Sleuth: Mehrere Schwachstellen
[NEU] [mittel] GeoServer: Mehrere Schwachstellen
[NEU] [hoch] IBM i: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode mit Administratorrechten
Pharma giant Novo Nordisk discloses breach of clinical trials data
Fake verification pages are stealing Steam accounts from players
Ivanti Sentry Exploitation Attempts Hitting Honeypots
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
[NEU] [hoch] Langflow: Mehrere Schwachstellen
[NEU] [mittel] IBM Langflow Desktop und OSS: Mehrere Schwachstellen
Oracle PeopleSoft zero‑day fuels ShinyHunters extortion spree
[NEU] [mittel] Fleet: Mehrere Schwachstellen ermöglichen Offenlegung von Informationen
[NEU] [mittel] vllm: Mehrere Schwachstellen
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
[NEU] [hoch] Google Chrome: Mehrere Schwachstellen
[NEU] [UNGEPATCHT] [mittel] Keycloak (admin-ui-ext): Schwachstelle ermöglicht Manipulation von Dateien
[NEU] [mittel] Apache CXF: Mehrere Schwachstellen
NCSC-2026-0196 [1.00] [M/H] Kwetsbaarheden verholpen in GitLab Enterprise Edition
NCSC-2026-0197 [1.00] [M/H] Kwetsbaarheid verholpen in Fortinet FortiPortal
[UPDATE] [mittel] Apache Commons Beanutils: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
[UPDATE] [hoch] git: Mehrere Schwachstellen
NCSC-2026-0195 [1.00] [M/H] Kwetsbaarheid verholpen in Oracle PeopleSoft Enterprise PeopleTools
Over 73,000 French govt employees affected in Tchap messenger breach
Phishing Alert - Beware of Fraudulent “WhatsApp Security Centre” Pages Hijacking Accounts
Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters
[UPDATE] [hoch] Apple macOS: Mehrere Schwachstellen
Marking Your Own Homework (Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751)
Malicious npm packages abuse dependency confusion to profile developer environments
Splunk Products Multiple Vulnerabilities
GitLab Multiple Vulnerabilities
Maine breach portal abused to publish fake data breach disclosures
USN-8421-1: Ironic vulnerabilities
USN-8426-1: Linux kernel (Azure) vulnerabilities
Trolling Microsoft With Vulnerabilities - PSW #930
USN-8423-1: lwIP vulnerabilities
OnyxC2 stealer sold as a service targets over 210 applications
Russian national charged in connection with Void Blizzard cyberespionage campaign
OceanLotus targets stock investors and construction firm with SPECTRALVIPER backdoor
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
Max-Severity Ivanti Flaw Exploited 24 Hours After Disclosure
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
CISA Adds One Known Exploited Vulnerability to Catalog
ShinyHunters claims it hacked 100 orgs by exploiting an Oracle PeopleSoft 0-day
ShinyHunters Targets Education Sector with Oracle PeopleSoft Exploit
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
Russian national charged in connection with Void Blizzard espionage campaign
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
USN-8424-1: Ubuntu Kylin Software Center vulnerability
2.4M+ VRChat users’ data accessed following cloud breach
Naxclow IoT Platform
Yarbo Android/iOS Mobile Application and Cloud Infrastructure
Brickcom Cameras
Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware
Fake Spotify Premium tutorials on TikTok and Instagram Reels spread malware
Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks
From SQLi to RCE – Exploiting LangGraph’s Checkpointer
VU#862559: crypton-x509-validation Haskell libraries do not enforce X.509 NameConstraints
Multiples vulnérabilités dans LibreNMS (11 juin 2026)
Multiples vulnérabilités dans les produits Splunk (11 juin 2026)