T1003 - OS Credential Dumping - MITRE ATT&CK

Threat entity extracted from intelligence sources

Frequency
492
occurrences
First Seen
January 24, 2026
Last Seen
July 17, 2026

T1003 - OS Credential Dumping is a mitre_attack tracked across 50 threat clusters and 492 intelligence report mentions on ThreatCluster. First observed January 24, 2026; most recent activity July 17, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Uk And Eu Strike Russian Cyber Networks With New Sanctions — www.gov.uk · July 17, 2026
  • Symantec Threat Hunter Team — www.security.com · July 17, 2026
  • GoSerpent Backdoor Looted Police and Biometric Data Across Southeast Asia for Five Years — Techtimes · July 17, 2026
  • Nearly 300 New Fake GitHub Repositories Spread Malware — www.clubic.com · July 17, 2026
  • New Spirals ransomware can lock down an entire network in under 24 hours — Pcquest · July 16, 2026
  • C'mon, just copy this text string and paste it into your macOS Terminal – it'll fix your computer, honest — Theregister · July 16, 2026
  • Unc2447 Sombrat And Fivehands Ransomware Sophisticated Financial Threat — cloud.google.com · July 16, 2026
  • GoSerpent: a persistent threat evolves with sophisticated data collection and exfiltration — Securelist · July 16, 2026

CVSS v3.1 Breakdown