“critical code execution flaw in the gemini cli and its github action that allowed outsiders to run commands on build servers in ci/cd pipelines. the issue automatically trusted workspace files during automated jobs, allowing malicious pull requests to trigger code execution. li…”
T1195.001 Compromise Software Dependencies and Development Tools
98%
“campaign targeting brazilian internet providers, abusing tp-link archer ax21 routers via cve-2023-1389 and open dns servers for high-volume amplification attacks. leaked files linked control activity to infrastructure and ssh keys associated with ddos mitigation firm huge…”
T1195.001 Compromise Software Dependencies and Development Tools
94%
“trellix, a major endpoint security and xdr vendor, was hit by a source code repository breach after attackers accessed a portion of its internal code. the company engaged forensic experts and law enforcement and claims it has found no evidence of product tampering, pipeline compr…”
T1190 Exploit Public-Facing Application
89%
“supply chain attack in which anthropic’s claude opus co-authored a code commit that introduced promptmink malware into an open-source autonomous crypto trading project. the hidden dependency siphoned credentials, planted persistent ssh access, and stole source code, enablin…”
T1195.002 Compromise Software Supply Chain
79%
“supply chain attack in which anthropic’s claude opus co-authored a code commit that introduced promptmink malware into an open-source autonomous crypto trading project. the hidden dependency siphoned credentials, planted persistent ssh access, and stole source code, enablin…”
T1587 Develop Capabilities
55%
“campaign targeting brazilian internet providers, abusing tp-link archer ax21 routers via cve-2023-1389 and open dns servers for high-volume amplification attacks. leaked files linked control activity to infrastructure and ssh keys associated with ddos mitigation firm huge…”
Summary
For the latest discoveries in cyber research for the week of 4th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Medtronic, a global medical device maker, has disclosed a cyberattack on its corporate IT systems. An unauthorized party accessed data, while the company reported no impact on products, operations, or financial systems. Threat […]