CISA identified zero-day exploitation activity leveraging SocGholish malware targeting AWS CloudTrail infrastructure in us-east-1. Attack pattern aligns with MITRE ATT&CK technique T1548.
AWS Security identified living-off-the-land activity leveraging RedLine Stealer malware targeting Cloudflare CloudTrail infrastructure in us-west-2. Attack pattern aligns with MITRE ATT&CK technique T1059.001.
Palo Alto Networks identified AI phishing activity leveraging PlugX malware targeting Microsoft Azure EKS infrastructure in us-east-1. Attack pattern aligns with MITRE ATT&CK technique T1071.
AWS Security identified credential harvesting activity leveraging Lumma Stealer malware targeting Google Cloud S3 infrastructure in eu-central-1. Attack pattern aligns with MITRE ATT&CK technique T1566.
IBM X-Force identified zero-day exploitation activity leveraging Metasploit malware targeting Oracle Cloud Bedrock infrastructure in eu-central-1. Attack pattern aligns with MITRE ATT&CK technique T1548.
Mandiant identified supply chain compromise activity leveraging PlugX malware targeting Cloudflare EC2 infrastructure in ca-central-1. Attack pattern aligns with MITRE ATT&CK technique T1078.
AWS Security identified zero-day exploitation activity leveraging IcedID malware targeting Oracle Cloud RDS infrastructure in ap-northeast-1. Attack pattern aligns with MITRE ATT&CK technique T1133.
Mandiant identified API exploitation activity leveraging AsyncRAT malware targeting Cloudflare S3 infrastructure in ap-southeast-1. Attack pattern aligns with MITRE ATT&CK technique T1190.
Microsoft Threat Intelligence identified supply chain compromise activity leveraging SocGholish malware targeting Microsoft Azure Secrets Manager infrastructure in eu-west-1. Attack pattern aligns with MITRE ATT&CK technique T1071.
