Lucene search
+L

10 matches found

osv
osv
added 2026/05/19 12:0 a.m.11 views

MAL-2026-4062 Malicious code in @antv/li-editor (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

5.8AI score
Exploits0References4
thn
thn
added 2022/12/06 11:0 a.m.72 views

Telecom and BPO Companies Under Attack by SIM Swapping Hackers

A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing BPO companies at lease since June 2022. "The end objective of this campaign appears to be to gain access to mobile carrier networks and, as evidenced in two investigations, perform SIM swapping...

10CVSS10AI score0.99999EPSS
Exploits8
ics
ics
added 2022/03/24 12:0 p.m.25 views

Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Summary Actions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This...

9.5AI score
Exploits0References183
thn
thn
added 2022/03/09 10:4 a.m.354 views

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-d...

10CVSS0.3AI score0.99999EPSS
Exploits354
thn
thn
added 2021/12/07 11:7 a.m.24 views

SolarWinds Hackers Targeting Government and Business Entities Worldwide

Nobelium, the threat actor attributed to the massive SolarWinds supply chain compromise, has been once again linked to a series of attacks targeting multiple cloud solution providers, services, and reseller companies, as the hacking group continues to refine and retool its tactics at an alarming...

0.7AI score
Exploits0
ics
ics
added 2021/07/21 12:0 p.m.28 views

Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013

Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Note: CISA released technical information, including indicators of compromise IOCs,...

9.5AI score
Exploits0References38
threatpost
threatpost
added 2021/06/11 2:23 p.m.59 views

Monumental Supply-Chain Attack on Airlines Traced to State Actor

A monster cyberattack on SITA, a global IT provider for 90 percent of the world’s airline industry, is slowly unfurling to reveal the largest supply-chain attack on the airline industry in history. The enormous data breach, estimated to have already impacted 4.5 million passengers, has potentiall...

0.7AI score
Exploits0References9
thn
thn
added 2020/12/27 6:24 a.m.131 views

A New SolarWinds Flaw Likely Had Let Hackers Install SUPERNOVA Malware

An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that's used t...

9.8CVSS0.3AI score0.9198EPSS
Exploits3
fireeye
fireeye
added 2020/12/13 12:0 a.m.625 views

Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

Executive Summary We have discovered a global intrusion campaign. We are tracking the actors behind this campaign as UNC2452. FireEye discovered a supply chain attack trojanizing SolarWinds Orion business software updates in order to distribute malware we call SUNBURST. The attacker’s post...

0.1AI score
Exploits0References2
threatpost
threatpost
added 2020/03/25 3:57 p.m.1170 views

Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign

Researchers warn that APT41, a notorious China-linked threat group, has targeted more than 75 organizations worldwide in “one of the broadest campaigns by a Chinese cyber-espionage actor observed in recent years.” Between Jan. 20 and March 11, researchers observed APT41 exploiting vulnerabilities...

10CVSS9.1AI score0.99999EPSS
Exploits81References25
Rows per page
Query Builder