General Information
Tools, Techniques & Techs
Incidents
Campaigns
Supply Chain Attacks
Resource Hijacking
Name | Pub. date | Actors | Initial access | Impact | Type | Status |
|---|---|---|---|---|---|---|
November 24, 2025 | Unknown | UnknownSupply chain vectorEnd-user compromise | Supply chain attack | Campaign | Finalized | |
November 19, 2025 | IronErn440 | 1-day vulnerabilityFunctionality abuse | Resource hijackingDenial of service | Campaign | Finalized | |
November 13, 2025 | Unknown | 0-day vulnerability1-day vulnerability | Data exfiltration | Campaign | Finalized | |
November 12, 2025 | UNC6485 | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
November 11, 2025 | Unknown | Dangling resource | Resource hijacking | Campaign | Finalized | |
November 5, 2025 | APT41 | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
October 31, 2025 | Unknown | Password attack | Resource hijackingData exfiltration | Campaign | Finalized | |
October 28, 2025 | Exposed secret | Data exfiltration | Research | Finalized | ||
October 22, 2025 | REF3927 | Software misconfig | Data exfiltration | Campaign | Finalized | |
October 21, 2025 | Unknown | 1-day vulnerabilitySoftware misconfigExposed secret | Data exfiltration | Campaign | Finalized | |
October 15, 2025 | Unknown | Unknown | Data exfiltration | Incident | Finalized | |
October 14, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
October 8, 2025 | Exposed secret | Resp. disclosure | Research | Finalized | ||
October 2, 2025 | Crimson Collective | Unknown | Data exfiltration | Campaign | Finalized | |
October 2, 2025 | Cl0p | 0-day vulnerability1-day vulnerability | RansomOp | Campaign | Finalized | |
September 26, 2025 | STORM-1849 | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
September 25, 2025 | UNC5221 | Unknown | Data exfiltration | Campaign | Finalized | |
September 25, 2025 | Unknown | Password attack | Data exfiltration | Incident | Finalized | |
September 15, 2025 | Unknown | Exposed secret | Supply chain attack | Campaign | Finalized | |
September 8, 2025 | Unknown | End-user compromise | Supply chain attack | Incident | Finalized | |
September 5, 2025 | Unknown | Cloud native misconfig | Data exfiltration | Campaign | Finalized | |
September 2, 2025 | UNC6395 | Exposed secretPassword attack | Data exfiltration | Campaign | Finalized | |
August 28, 2025 | Storm-0501 | 1-day vulnerability | RansomOp | Campaign | Finalized | |
August 27, 2025 | Unknown | End-user compromise | Data exfiltration | Campaign | Finalized | |
August 24, 2025 | Genesis Panda | Software misconfig | Data exfiltration | Campaign | Finalized | |
August 24, 2025 | Silk Typhoon | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
August 21, 2025 | UNC6395 | Unknown | Supply chain attack | Incident | Stub | |
August 20, 2025 | Warlock operator | 1-day vulnerability | RansomOp | Campaign | Finalized | |
August 19, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
August 18, 2025 | UAT-7237 | Web vulnerability1-day vulnerability | Data exfiltration | Campaign | Finalized | |
August 6, 2025 | Unknown | 1-day vulnerability | RansomOp | Campaign | Finalized | |
August 4, 2025 | Unknown | Password attack | Data exfiltration | Campaign | Finalized | |
July 29, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
July 23, 2025 | Unknown | Supply chain vector | Data exfiltration | Research | Finalized | |
July 23, 2025 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
July 21, 2025 | Mimo operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
July 20, 2025 | Unknown | End-user compromise | Supply chain attack | Campaign | Finalized | |
July 20, 2025 | Unknown | 0-day vulnerability | Campaign | Finalized | ||
July 17, 2025 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
July 8, 2025 | Unknown | Software misconfig | RansomOpData exfiltration | Campaign | Finalized | |
July 8, 2025 | Unknown | Exposed secret | RansomOpData exfiltration | Campaign | Finalized | |
July 8, 2025 | Unknown | Exposed secret | Data exfiltration | Campaign | Finalized | |
July 8, 2025 | TGR-CRI-0045 | Exposed secret | Data exfiltration | Campaign | Finalized | |
July 3, 2025 | UNC5174 | 0-day vulnerability1-day vulnerability | Resource hijackingData exfiltration | Campaign | Finalized | |
July 2, 2025 | Unknown | Software misconfig | Resource hijacking | Campaign | Stub | |
June 30, 2025 | Unknown | Password attack | Resource hijacking | Campaign | Finalized | |
June 25, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
June 17, 2025 | Unknown | 1-day vulnerability | Denial of serviceResource hijackingData exfiltration | Campaign | Finalized | |
June 12, 2025 | Unknown | End-user compromise | Resource hijacking | Campaign | Finalized | |
June 11, 2025 | Unknown | End-user compromise | Data exfiltration | Campaign | Stub | |
June 7, 2025 | Unknown | Supply chain vector | Supply chain attack | Campaign | Finalized | |
June 3, 2025 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
June 2, 2025 | JINX-0132 | Software misconfig | Resource hijacking | Campaign | Finalized | |
May 29, 2025 | Earth Lamia | 1-day vulnerabilityWeb vulnerability | Data exfiltration | Campaign | Finalized | |
May 28, 2025 | DragonForce | 1-day vulnerabilitySupply chain vector | RansomOp | Campaign | Finalized | |
May 28, 2025 | Unknown | 1-day vulnerabilitySoftware misconfig | None | Campaign | Finalized | |
May 27, 2025 | Mimo operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
May 20, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Not started | |
May 19, 2025 | UTG-Q-015 | 0-day vulnerability1-day vulnerability | Data exfiltration | Campaign | Finalized | |
May 13, 2025 | Unknown | Exposed secret | Unknown | Incident | Finalized | |
May 8, 2025 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
May 6, 2025 | Unknown | Software misconfig | Unknown | Campaign | Finalized | |
May 5, 2025 | Unknown | Supply chain vector | Supply chain attack | Campaign | Finalized | |
May 1, 2025 | Exposed secret | Resp. disclosure | Research | Finalized | ||
April 30, 2025 | Unknown | Software misconfig | Data exfiltrationResource hijacking | Campaign | Finalized | |
April 30, 2025 | Cloud native misconfig | Resp. disclosure | Research | Finalized | ||
April 27, 2025 | Unknown | Cloud native misconfig | None | Incident | Finalized | |
April 23, 2025 | Sysrv botnet operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
April 23, 2025 | Unknown | Exposed secret | Data exfiltration | Incident | Finalized | |
April 23, 2025 | Lucifer operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
April 23, 2025 | Storm-1977 | Password attack | Resource hijacking | Campaign | Finalized | |
April 22, 2025 | Unknown | 0-day vulnerability | Unknown | Campaign | Finalized | |
April 22, 2025 | Unknown | Supply chain vector | Resource hijacking | Campaign | Finalized | |
April 17, 2025 | MUT-1692 | End-user compromise | Resource hijackingSupply chain attack | Incident | Finalized | |
April 16, 2025 | UNC5174 | Unknown | Data exfiltration | Campaign | Finalized | |
April 16, 2025 | CrazyHunter operator | Unknown | RansomOp | Campaign | Finalized | |
April 15, 2025 | Unknown | Exposed secret | Data exfiltrationDenial of serviceData destruction | Incident | Finalized | |
April 14, 2025 | Red Menshen | Unknown | Data exfiltration | Campaign | Finalized | |
April 10, 2025 | Atlas Lion | End-user compromise | Data exfiltration | Campaign | Finalized | |
April 8, 2025 | Unknown | Unknown | Data exfiltration | Incident | Finalized | |
April 4, 2025 | Unknown | Unknown | Data exfiltration | Incident | Finalized | |
April 3, 2025 | Unknown | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
March 24, 2025 | Weaver Ant | Web vulnerability | Data exfiltration | Campaign | Finalized | |
March 21, 2025 | Albabat operator | Unknown | RansomOp | Campaign | Finalized | |
March 21, 2025 | Unknown | 1-day vulnerability | Data exfiltrationSupply chain attack | Incident | Finalized | |
March 16, 2025 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
March 15, 2025 | Unknown | UnknownSupply chain vector | Supply chain attack | Incident | Finalized | |
March 10, 2025 | Hazy Hawk | Dangling resource | Resource hijacking | Incident | Finalized | |
March 6, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
March 5, 2025 | Silk Typhoon | 0-day vulnerability1-day vulnerability | Data exfiltration | Campaign | Finalized | |
March 1, 2025 | Unknown | End-user compromise | Data exfiltration | Incident | Finalized | |
February 28, 2025 | JavaGhost | Exposed secret | Resource hijacking | Campaign | Finalized | |
February 27, 2025 | JINX-0126 | Software misconfigPassword attack | Resource hijacking | Incident | Finalized | |
February 26, 2025 | Lazarus GroupTraderTraitor | End-user compromise | Supply chain attackDenial of wallet | Incident | Finalized | |
February 26, 2025 | Unknown | 1-day vulnerability | DefacementResource hijacking | Campaign | Finalized | |
February 24, 2025 | Software misconfig | Resp. disclosure | Research | Finalized | ||
February 18, 2025 | Winnti | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
February 18, 2025 | Mustang Panda | End-user compromise | Data exfiltration | Campaign | Finalized | |
February 13, 2025 | Seashell Blizzard | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
February 12, 2025 | Unknown | Exposed secret | Data exfiltration | Campaign | Finalized | |
February 11, 2025 | Black Basta operator | 1-day vulnerability | RansomOp | Campaign | Finalized | |
February 9, 2025 | Unknown | Supply chain vector | Supply chain attack | Campaign | Finalized | |
February 3, 2025 | Unknown | End-user compromise | Data exfiltration | Incident | Finalized | |
January 31, 2025 | Unknown | Password attack | Resource hijacking | Incident | Finalized | |
January 29, 2025 | Unknown | Exposed secret | Supply chain attack | Incident | Finalized | |
January 24, 2025 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
January 22, 2025 | Unknown | Dangling resource | Data exfiltrationResource hijacking | Incident | Finalized | |
January 21, 2025 | TRIPLESTRENGTH | End-user compromise | Resource hijackingRansomOp | Campaign | Finalized | |
January 21, 2025 | UNC2165 | Unknown | RansomOpData exfiltration | Campaign | Finalized | |
January 17, 2025 | Unknown | End-user compromise | Data exfiltration | Incident | Finalized | |
January 15, 2025 | Bapak | End-user compromise | Resource hijacking | Campaign | Finalized | |
January 13, 2025 | Codefinger | Exposed secret | RansomOp | Campaign | Finalized | |
January 11, 2025 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
January 10, 2025 | Unknown | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
January 10, 2025 | Unknown | Exposed secret | Data exfiltration | Incident | Stub | |
January 2, 2025 | Unknown | Cloud native misconfig | Supply chain attackResource hijacking | Incident | Finalized | |
December 31, 2024 | Unknown | 0-day vulnerability | Data exfiltration | Incident | Finalized | |
December 30, 2024 | Unknown | Software misconfig | Data exfiltration | Incident | Finalized | |
December 30, 2024 | EC2 Grouper | Exposed secret | UnknownResource hijacking | Campaign | Finalized | |
December 28, 2024 | Unknown | Unknown | Data exfiltration | Incident | Stub | |
December 18, 2024 | Unknown | End-user compromise | Unknown | Campaign | Finalized | |
December 17, 2024 | Diicot | Password attack | Resource hijacking | Campaign | Finalized | |
December 17, 2024 | Unknown | 1-day vulnerability | Unknown | Campaign | Finalized | |
December 16, 2024 | Winnti | Unknown | Data exfiltration | Campaign | Finalized | |
December 15, 2024 | JINX-2401 | Exposed secretEnd-user compromise | Resource hijacking | Campaign | Finalized | |
December 15, 2024 | Cl0p | 0-day vulnerability1-day vulnerability | RansomOp | Campaign | Finalized | |
December 12, 2024 | Unknown | 1-day vulnerability | Data exfiltration | Incident | Finalized | |
December 11, 2024 | Unknown | Exposed secret | Resource hijacking | Incident | Finalized | |
December 5, 2024 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
December 5, 2024 | Unknown | Cloud native misconfig | Supply chain attackResource hijacking | Incident | Finalized | |
December 4, 2024 | Unknown | End-user compromiseSupply chain vector | Supply chain attack | Campaign | Finalized | |
December 3, 2024 | Gafgyt operator | Software misconfig | Data exfiltrationDenial of service | Campaign | Finalized | |
December 2, 2024 | Unknown | 1-day vulnerability | RansomOp | Campaign | Finalized | |
November 21, 2024 | Gelsemium | Unknown | Data exfiltration | Campaign | Finalized | |
November 19, 2024 | Unknown | Software misconfig | Campaign | Finalized | ||
November 19, 2024 | Earth Kasha | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
November 15, 2024 | BrazenBamboo | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
November 8, 2024 | Unknown | 0-day vulnerability | Unknown | Campaign | Finalized | |
November 7, 2024 | Silent Skimmer | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
November 6, 2024 | Mozi Botnet operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
October 31, 2024 | Unknown | Supply chain vector | Supply chain attack | Campaign | Finalized | |
October 31, 2024 | Volt TyphoonAPT31APT41 | Unknown | Data exfiltration | Incident | Stub | |
October 30, 2024 | Unknown | 1-day vulnerability | Data exfiltrationData destruction | Incident | Finalized | |
October 30, 2024 | EMERALDWHALE | Exposed secret | Data exfiltration | Campaign | Finalized | |
October 27, 2024 | Cloud native misconfig | Resp. disclosure | Research | Finalized | ||
October 25, 2024 | TeamTNT | Software misconfig | Resource hijacking | Campaign | Finalized | |
October 24, 2024 | UNC5820 | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
October 23, 2024 | Prometei operator | 1-day vulnerabilityPassword attack | Resource hijacking | Campaign | Finalized | |
October 22, 2024 | Funnull | Insider threatSupply chain vector | Supply chain attack | Campaign | Finalized | |
October 21, 2024 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
October 18, 2024 | API vulnerability | Resp. disclosure | Research | Stub | ||
October 11, 2024 | APT34 | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
October 10, 2024 | Unknown | Software misconfig | Data exfiltration | Incident | Stub | |
October 10, 2024 | APT29 | 1-day vulnerability | Data exfiltrationRansomOpSupply chain attack | Campaign | Finalized | |
October 10, 2024 | Unknown | 1-day vulnerability | RansomOp | Campaign | Finalized | |
October 3, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
September 30, 2024 | Unknown | 0-day vulnerability | Data exfiltration | Incident | Stub | |
September 27, 2024 | REF6138 | Unknown | Resource hijacking | Campaign | Finalized | |
September 26, 2024 | Storm-0501 | 1-day vulnerability | RansomOp | Campaign | Finalized | |
September 26, 2024 | Storm-0501 | End-user compromise1-day vulnerability | RansomOpData exfiltration | Campaign | Finalized | |
September 23, 2024 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
September 20, 2024 | UNC1860 | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
September 17, 2024 | 0ktapus | Unknown | RansomOp | Incident | Stub | |
September 17, 2024 | 0ktapus | End-user compromise | RansomOp | Incident | Stub | |
September 17, 2024 | Unknown | Exposed secret | Data exfiltration | Incident | Stub | |
September 12, 2024 | Unknown | Unknown | Data exfiltration | Incident | Stub | |
September 12, 2024 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
September 12, 2024 | Unknown | Software misconfig | Resource hijacking | Campaign | Finalized | |
September 10, 2024 | DragonRank | 1-day vulnerabilitySoftware misconfig | Data exfiltrationResource hijacking | Campaign | Finalized | |
August 30, 2024 | Unknown | 1-day vulnerability | Unknown | Campaign | Finalized | |
August 28, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
August 23, 2024 | Bling Libra | Exposed secretCloud native misconfig | RansomOp | Campaign | Finalized | |
August 19, 2024 | JINX-0126 | Software misconfigPassword attack | Resource hijacking | Campaign | Finalized | |
August 19, 2024 | Unknown | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
August 15, 2024 | Unknown | Exposed secret | Data exfiltrationRansomOp | Campaign | Finalized | |
August 14, 2024 | Gafgyt operator | Password attack | Resource hijacking | Campaign | Finalized | |
August 9, 2024 | Horde Panda | Functionality abuse | Data exfiltration | Campaign | Finalized | |
August 9, 2024 | 0ktapus | End-user compromise | Resource hijacking | Campaign | Finalized | |
August 9, 2024 | APT41 | Software misconfig | Data exfiltration | Campaign | Finalized | |
August 2, 2024 | Unknown | Software misconfig | Denial of service | Campaign | Stub | |
July 31, 2024 | Mirai | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
July 29, 2024 | Storm-0506Storm-1175Manatee Tempest0ktapus | 1-day vulnerability | RansomOp | Campaign | Finalized | |
July 25, 2024 | IntelBroker | 1-day vulnerability | Supply chain attack | Incident | Stub | |
July 25, 2024 | Unknown | Functionality abuseSoftware misconfig | Resource hijacking | Campaign | Finalized | |
July 15, 2024 | NullBulge | End-user compromise | Data exfiltration | Incident | Stub | |
July 11, 2024 | CRYSTALRAY | 1-day vulnerability | Resource hijackingData exfiltration | Campaign | Finalized | |
July 8, 2024 | Exposed secret | Resp. disclosure | Research | Stub | ||
July 5, 2024 | Unknown | Unknown | Resource hijacking | Campaign | Stub | |
June 30, 2024 | 8220 Gang | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
June 25, 2024 | Funnull | Insider threatSupply chain vector | Supply chain attackDefacement | Campaign | Finalized | |
June 25, 2024 | Exposed secret | Resp. disclosure | Research | Stub | ||
June 24, 2024 | RedJuliett | Software misconfig1-day vulnerabilityWeb vulnerability | Data exfiltration | Campaign | Finalized | |
June 21, 2024 | Boolka | Web vulnerability | Resource hijacking | Campaign | Stub | |
June 14, 2024 | 0ktapus | End-user compromise | Data exfiltrationRansomOp | Campaign | Finalized | |
June 13, 2024 | Insider threat | Data destruction | Incident | Stub | ||
June 10, 2024 | TellYouThePass Gang | 1-day vulnerability | RansomOp | Campaign | Stub | |
June 8, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
June 7, 2024 | Unknown | Cloud native misconfig | Resource hijacking | Campaign | Finalized | |
June 6, 2024 | Unknown | End-user compromise | Resource hijacking | Campaign | Stub | |
June 5, 2024 | Gitloker | End-user compromise | RansomOp | Campaign | Stub | |
June 5, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
June 5, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
June 4, 2024 | UTG-Q-008 | Password attack | Resource hijacking | Campaign | Stub | |
June 4, 2024 | Muhstik operator | 1-day vulnerability | Resource hijackingDenial of service | Campaign | Finalized | |
May 31, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
May 30, 2024 | RedTail operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
May 29, 2024 | UNC5537 | End-user compromise | Data exfiltration | Incident | Stub | |
May 16, 2024 | Kinsing operator | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
May 7, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
May 6, 2024 | Atlas Lion | End-user compromise | Resource hijackingDenial of walletData exfiltration | Campaign | Finalized | |
May 6, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Incident | Finalized | |
May 3, 2024 | Cloud native misconfig | Data exfiltration | Research | Stub | ||
May 2, 2024 | TargetCompany | Password attackSoftware misconfig | RansomOp | Campaign | Finalized | |
April 24, 2024 | STORM-1849 | 0-day vulnerability | Data exfiltration | Campaign | Finalized | |
April 22, 2024 | APT28 | 0-day vulnerability1-day vulnerability | Data exfiltration | Finalized | ||
April 19, 2024 | UNC5221 | 1-day vulnerability | Data exfiltration | Incident | Stub | |
April 17, 2024 | Unknown | 1-day vulnerabilityExposed secret | Resource hijacking | Campaign | Finalized | |
April 14, 2024 | Unknown | 1-day vulnerability | Unknown | Incident | Stub | |
April 11, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
April 11, 2024 | Unknown | Unknown | Data exfiltration | Incident | Finalized | |
April 11, 2024 | Unknown | Cloud native misconfig | Data exfiltration | Incident | Stub | |
April 11, 2024 | Unknown | End-user compromise | RansomOp | Incident | Stub | |
April 11, 2024 | Unknown | Supply chain vector | RansomOp | Incident | Stub | |
April 11, 2024 | Unknown | End-user compromise | RansomOp | Incident | Stub | |
April 9, 2024 | RUBYCARP | 1-day vulnerabilityPassword attack | Denial of serviceResource hijacking | Campaign | Finalized | |
April 9, 2024 | Cloud native misconfig | Resp. disclosure | Research | Stub | ||
April 9, 2024 | 0ktapus | End-user compromise | Data exfiltration | Campaign | Stub | |
April 4, 2024 | Cloud native misconfigWeb vulnerability | Resp. disclosure | Research | Finalized | ||
April 2, 2024 | Storm-0558 | Unknown | Data exfiltration | Incident | Finalized | |
March 29, 2024 | Unknown | Insider threat | Supply chain attack | Incident | Finalized | |
March 26, 2024 | Agenda operator | Unknown | RansomOp | Campaign | Finalized | |
March 25, 2024 | Unknown | End-user compromise | Supply chain attack | Incident | Stub | |
March 22, 2024 | UNC5174 | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
March 21, 2024 | Cloud native misconfig | Resp. disclosure | Research | Stub | ||
March 19, 2024 | Unknown | 1-day vulnerability | Resource hijackingRansomOp | Campaign | Stub | |
March 15, 2024 | ShadowSyndicate | 1-day vulnerability | RansomOp | Campaign | Finalized | |
March 11, 2024 | Unknown | 1-day vulnerabilitySoftware misconfig | Resource hijacking | Campaign | Finalized | |
March 8, 2024 | Cloud native misconfig | Resp. disclosure | Research | Stub | ||
March 8, 2024 | Magnet Goblin | 1-day vulnerability | Unknown | Campaign | Stub | |
March 6, 2024 | Unknown | Software misconfig1-day vulnerability | Resource hijacking | Campaign | Finalized | |
March 6, 2024 | z0miner | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
March 6, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
February 28, 2024 | KryptonZambie | Unknown | Data exfiltration | Incident | Finalized | |
February 28, 2024 | KryptonZambie | Unknown | Data exfiltration | Incident | Finalized | |
February 23, 2024 | Unknown | Resp. disclosure | Research | Stub | ||
February 22, 2024 | Lucifer operator | 1-day vulnerabilitySoftware misconfig | Denial of serviceResource hijacking | Campaign | Finalized | |
February 21, 2024 | Insider threat | Resp. disclosure | Research | Stub | ||
February 21, 2024 | Unknown | Unknown | Data exfiltrationData destruction | Incident | Stub | |
February 20, 2024 | Migo operator | Software misconfig | Resource hijacking | Campaign | Finalized | |
February 20, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
February 18, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
February 15, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
February 14, 2024 | Cloud native misconfig | Resp. disclosure | Research | Stub | ||
February 14, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
February 13, 2024 | Unknown | 1-day vulnerability | Data exfiltration | Incident | Stub | |
February 13, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
February 13, 2024 | Water Hydra | 1-day vulnerabilityEnd-user compromise0-day vulnerability | Data exfiltration | Campaign | Finalized | |
February 9, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
February 9, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
February 8, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
February 8, 2024 | Unknown | Unknown | Data exfiltration | Incident | Stub | |
February 8, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
February 6, 2024 | Unknown | End-user compromise | Resource hijacking | Incident | Stub | |
February 2, 2024 | Mispadu operator | 1-day vulnerability | Data exfiltration | Campaign | Finalized | |
February 1, 2024 | Unknown | Supply chain vector | Data exfiltration | Incident | Stub | |
February 1, 2024 | Commando Cat | Software misconfig | Resource hijacking | Campaign | Finalized | |
February 1, 2024 | Exposed secretCloud native misconfig | Resp. disclosure | Research | Stub | ||
January 31, 2024 | Unknown | Exposed secret | Resource hijacking | Incident | Stub | |
January 31, 2024 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
January 28, 2024 | Trigona operator | Software misconfig1-day vulnerabilityPassword attack | RansomOp | Campaign | Finalized | |
January 26, 2024 | Exposed secret | Resp. disclosure | Research | Finalized | ||
January 19, 2024 | Unknown | Exposed secret | Resource hijacking | Campaign | Finalized | |
January 19, 2024 | Unknown | Exposed secret | Data exfiltration | Incident | Finalized | |
January 19, 2024 | APT29 | Password attack | Data exfiltration | Incident | Finalized | |
January 18, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
January 18, 2024 | Mimo operator | 1-day vulnerability | Resource hijackingRansomOp | Campaign | Stub | |
January 18, 2024 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Stub | |
January 16, 2024 | Unknown | 1-day vulnerabilitySoftware misconfig | Resource hijacking | Campaign | Stub | |
January 15, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
January 11, 2024 | Software misconfig | Resp. disclosure | Research | Stub | ||
January 11, 2024 | Unknown | Password attackWeb vulnerabilityFunctionality abuse | Resource hijacking | Campaign | Finalized | |
January 11, 2024 | Dreambus operator | Software misconfig1-day vulnerability | Resource hijacking | Campaign | Stub | |
January 11, 2024 | Unknown | Exposed secret | RansomOpData exfiltration | Incident | Stub | |
January 10, 2024 | UNC5221 | 0-day vulnerability | Unknown | Campaign | Stub | |
January 10, 2024 | Unknown | 1-day vulnerabilitySoftware misconfig | Resource hijacking | Campaign | Stub | |
January 10, 2024 | Unknown | Software misconfigPassword attack | RansomOp | Campaign | Finalized | |
January 1, 2024 | Not started | |||||
December 28, 2023 | Cyber Toufan | Supply chain vector | Data exfiltrationData destruction | Campaign | Stub | |
December 15, 2023 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
December 14, 2023 | GambleForce | Web vulnerability1-day vulnerability | Data exfiltration | Campaign | Stub | |
December 13, 2023 | APT29 | 1-day vulnerability | Data exfiltration | Campaign | Stub | |
December 12, 2023 | Storm-1283 | End-user compromise | Resource hijacking | Campaign | Stub | |
December 12, 2023 | Unknown | Insider threat | Data destruction | Incident | Stub | |
December 7, 2023 | Krasue operator | Unknown | Data exfiltration | Campaign | Stub | |
December 6, 2023 | End-user compromise | Resp. disclosure | Research | Stub | ||
November 28, 2023 | GoTitan operator | 1-day vulnerability | Unknown | Campaign | Stub | |
November 27, 2023 | Unknown | End-user compromise | Data exfiltration | Incident | Stub | |
November 27, 2023 | Andariel | 1-day vulnerability | Unknown | Campaign | Stub | |
November 20, 2023 | Unknown | 1-day vulnerability | Resource hijacking | Campaign | Finalized | |
November 14, 2023 | C3RB3R operator | 1-day vulnerability | RansomOp | Campaign | Stub |