T1567.002 - Exfiltration to Cloud Storage - MITRE ATT&CK

Threat entity extracted from intelligence sources

Frequency
94
occurrences
First Seen
November 1, 2025
Last Seen
July 16, 2026

T1567.002 - Exfiltration to Cloud Storage is a mitre_attack tracked across 50 threat clusters and 94 intelligence report mentions on ThreatCluster. First observed November 1, 2025; most recent activity July 16, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Cyberstalkers Exploiting Chrome Sync To Spy — www.certosoftware.com · July 16, 2026
  • Musk pledges data purge after Grok Build secretly downloaded entire Git repositories — Feeds.4Sysops · July 14, 2026
  • AsyncAPI npm packages backdoored via GitHub Actions — Aikido.Dev · July 14, 2026
  • Musk promises purge after Grok Build caught sending entire repos to the cloud — Theregister · July 14, 2026
  • M-Red-Team: AsyncAPI Supply Chain Compromise via GitHub Actions — Wiz · July 14, 2026
  • Vibe — Infosecurity-Magazine · July 9, 2026
  • Accenture Confirms Breach After Threat Actor Claims Source Code Theft — Uctoday · July 8, 2026
  • Over 250,000 Potential Security Issues Uncovered in GitHub Actions Workflows — Ground.News · July 7, 2026

CVSS v3.1 Breakdown