Threat Feed

dev
28 items, Sources: 8, Tags: 37
Microsoft Threat Intelligence
3010 hours ago

Gootloader infrastructure shifts detected by Microsoft Threat Intelligence

Microsoft Threat Intelligence identified living-off-the-land activity leveraging Gootloader malware targeting Cloudflare S3 infrastructure in eu-west-1. Attack pattern aligns with MITRE ATT&CK technique T1027.

living-off-the-land, gootloader, cloudflare, s3
Cloudflare Radar
2117 hours ago

Supply chain compromise campaign observed targeting Cloudflare workloads in ap-southeast-1

Cloudflare Radar identified supply chain compromise activity leveraging SocGholish malware targeting Cloudflare Bedrock infrastructure in ap-southeast-1. Attack pattern aligns with MITRE ATT&CK technique T1566.

supply-chain-compromise, socgholish, cloudflare, bedrock
AWS Security
631 day ago

Zero-day vulnerability in Cloudflare RDS exploited by LockBit 3.0 [Dev Alert]

AWS Security identified credential harvesting activity leveraging Cobalt Strike malware targeting Cloudflare RDS infrastructure in ap-southeast-1. Attack pattern aligns with MITRE ATT&CK technique T1133.

credential-harvesting, cobalt-strike, cloudflare, rds, zero-day, dev
CISA
342 days ago

Scattered Spider targets Cloudflare CloudTrail using Gootloader

CISA identified living-off-the-land activity leveraging Gootloader malware targeting Cloudflare CloudTrail infrastructure in ca-central-1. Attack pattern aligns with MITRE ATT&CK technique T1548.

living-off-the-land, gootloader, cloudflare, cloudtrail, cisa
Cisco Talos
852 days ago

CVE-2025-9206: Active exploitation detected in GuardDuty

Cisco Talos identified ransomware-as-a-service activity leveraging IcedID malware targeting Cloudflare GuardDuty infrastructure in us-east-1. Attack pattern aligns with MITRE ATT&CK technique T1190.

ransomware-as-a-service, icedid, cloudflare, guardduty, cve
Cloudflare Radar
182 days ago

Zero-day exploitation campaign observed targeting AWS workloads in ca-central-1

Cloudflare Radar identified zero-day exploitation activity leveraging Cobalt Strike malware targeting AWS EC2 infrastructure in ca-central-1. Attack pattern aligns with MITRE ATT&CK technique T1566.

zero-day-exploitation, cobalt-strike, aws, ec2, zero-day
AWS Security
212 days ago

Zero-day vulnerability in Cloudflare CloudTrail exploited by APT29 (Cozy Bear) [Dev Alert]

AWS Security identified credential harvesting activity leveraging RedLine Stealer malware targeting Cloudflare CloudTrail infrastructure in eu-west-1. Attack pattern aligns with MITRE ATT&CK technique T1071.

credential-harvesting, redline-stealer, cloudflare, cloudtrail, zero-day, dev
AWS Security
603 days ago

FIN7 deploys living-off-the-land via compromised Cloudflare Bedrock [Dev Alert]

AWS Security identified living-off-the-land activity leveraging IcedID malware targeting Cloudflare Bedrock infrastructure in us-east-1. Attack pattern aligns with MITRE ATT&CK technique T1133.

living-off-the-land, icedid, cloudflare, bedrock, dev
CrowdStrike
403 days ago

Volt Typhoon deploys MFA bypass via compromised Oracle Cloud RDS

CrowdStrike identified MFA bypass activity leveraging RedLine Stealer malware targeting Oracle Cloud RDS infrastructure in ap-northeast-1. Attack pattern aligns with MITRE ATT&CK technique T1548.

mfa-bypass, redline-stealer, oracle-cloud, rds