T1059 - Command and Scripting Interpreter - MITRE ATT&CK

Threat entity extracted from intelligence sources

Frequency
804
occurrences
First Seen
October 31, 2025
Last Seen
July 17, 2026

T1059 - Command and Scripting Interpreter is a mitre_attack tracked across 50 threat clusters and 804 intelligence report mentions on ThreatCluster. First observed October 31, 2025; most recent activity July 17, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • CVE-2026-15410 — nvd.nist.gov · July 17, 2026
  • CVE-2026-39808 — fortiguard.fortinet.com · July 17, 2026
  • The Ttf Trap A Global Campaign Of A Low Detection Lua Loader — www.fortinet.com · July 17, 2026
  • Token Security research on how enterprises are actually deploying agents — www.token.security · July 17, 2026
  • Fake TTF files deliver stealthy malware in global phishing campaign — Csoonline · July 17, 2026
  • Google Mandiant warns of exposed serverless functions as attack vector — Feeds.Feedburner · July 16, 2026
  • New TELEPUZ malware spreads via ClickFix lures — Feeds.Feedburner · July 16, 2026
  • Hardening serverless cloud functions against lateral movement and AI risks — Feeds.4Sysops · July 16, 2026

CVSS v3.1 Breakdown