T1003 - Credential Dumping is a mitre_attack tracked across 7 threat clusters and 6 intelligence report mentions on ThreatCluster. First observed November 1, 2025; most recent activity December 11, 2025.
The Akira ransomware group has been identified as a significant threat to critical infrastructure, with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the FBI warning of its active ransomware…
China-linked cyber-espionage group Bronze Butler, also known as Tick, exploited a zero-day vulnerability in Motex Lanscope Endpoint Manager, identified as CVE-2025-61932. This critical request origin verification flaw…
Cyber-espionage group Bronze Butler, also known as Tick, has exploited a zero-day vulnerability in Motex Lanscope Endpoint Manager, identified as CVE-2025-61932. This critical request origin verification flaw was used…
The Makop ransomware, a variant of the Phobos family, has been updated to include GuLoader malware for enhanced payload delivery. Recent attacks have primarily targeted Indian businesses, utilizing Remote Desktop…
Ransomware actors are increasingly focusing on cloud-based assets, particularly in AWS environments. This shift involves utilizing various tactics to compromise critical business data, moving away from traditional…
The Kraken ransomware, which targets Windows and Linux/VMware ESXi systems, emerged in February 2025 as a continuation of the HelloKitty operation. It employs a double extortion technique, testing systems to optimize…
The Kraken ransomware, identified in February 2025, is a sophisticated Russian-speaking threat that evolved from the HelloKitty ransomware cartel. It employs double extortion tactics, targeting various sectors across…