Technology ❯ Cybersecurity ❯ Threat Actors

Exploitation Techniques

Remote Code Execution Cryptocurrency Mining Spyware Attacks PHP Webshells Proof-of-Concepts Persistent Threats Malicious Links Ransomware Privilege Escalation Access Control ARP Spoofing Persistence Social Engineering Attacks OS Command Injection Authentication Bypass Data Exfiltration Active Directory Low-complexity Attacks

CISA Orders Federal Agencies to Patch Actively Exploited MongoDB ‘MongoBleed’ Flaw

Leaking server memory before login, the flaw heightens credential exposure risk, complicating investigations.

Fortinet SSO Bypass Actively Exploited as CISA Sets Dec. 23 Fix Deadline

‘HashJack’ Exposes AI Browser Weakness as Microsoft and Perplexity Patch, Google Declines

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

Check Point Reveals Microsoft Teams Flaws That Enabled Fake Chats, Alerts, and Calls

Microsoft Uncovers ‘SesameOp’ Backdoor Using OpenAI Assistants API for Stealthy C2

CISA Adds Two Actively Exploited DELMIA Apriso Flaws to KEV

Active Attacks Target Adobe Commerce With 'SessionReaper' Exploit

Cisco SNMP Zero‑Day Fueled ‘Operation Zero Disco’ Rootkit Attacks on Older Switches

CISA Discloses Malware Behind Ivanti EPMM Zero-Day Intrusions, Publishes IOCs and Detection Rules

CISA Adds Actively Exploited DELMIA Apriso Flaw to KEV With Oct. 2 Fix Deadline

Active Zero-Day Exploit of WordPress Alone Theme Sees Over 120,000 Blocked Attempts

Darktrace Details First Auto-Color Malware Attack Exploiting Patched SAP NetWeaver Flaw

CISA Confirms Active CitrixBleed 2 Exploitation and Mandates One-Day Patch