Attack List - 2026 2025 2024 2023 2021 2020 2019 2018
DATE |
NAME |
Info | CATEG. |
WEB |
| 7.3.26 | Mail2Shell zero-click attack lets hackers hijack FreeScout mail servers | A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. | Attack | BleepingComputer |
| 7.3.26 | How a Brute Force Attack Unmasked a Ransomware Infrastructure Network | A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress Labs explains how one compromised login unraveled a suspected ransomware-as-a-service ecosystem tied to initial access brokers. | Attack | BleepingComputer |
| 5.3.26 | ClawJacked attack let malicious websites hijack OpenClaw to steal data | Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally running instance and take control over it. | Attack | |
| 31.1.26 | Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms | Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks | Attack | The Hacker News |
| 28.1.26 | When Zoom Phishes You: Unmasking a Novel TOAD Attack Hidden in Legitimate Infrastructure | Prophet AI uncovers a Telephone-Oriented Attack Delivery (TOAD) campaign weaponizing Zoom's own authentication infrastructure. | Attack | The Hacker News |