“##os ' investigation found that a primary point of abuse in n8n ' s ai workflow automation platform is its url - exposed webhooks, " the researchers explain. " a webhook, often referred to as a " reverse api, " allows one application to provide real - time information to another.…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.001Compromise Software Dependencies and Development Tools
97%
“cyberheistnews vol 16 # 17 [ heads up ] this sophisticated scam should be a warning to all companies cyberheistnews vol 16 # 17 | april 28th, 2026 [ heads up ] this sophisticated scam should be a warning to all companies by roger grimes scams are becoming more sophisticated over …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
93%
“extortion and investment scams were the most commonly reported attacks, with ai - related scams driving some of the costliest losses. phishing was the top attack vector, with these attacks leading to more than $ 215 million in losses. notably, ai - assisted business email comprom…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
86%
“intelligence you need for proactive risk management. you ' ll gain insight into : - the latest tactics, techniques and procedures behind the criminal landscape in email security and the reality of how ai is changing the threat landscape - how multi - channel threats continue to e…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195.001Compromise Software Dependencies and Development Tools
74%
“and node. js programs. the " npm " command is commonly used to install programs into linux and other types of distributions. a user or admin can type in something like : " npm install " to install a program. maintainers upload code updates to npm so that users and administrators …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1587Develop Capabilities
68%
“and node. js programs. the " npm " command is commonly used to install programs into linux and other types of distributions. a user or admin can type in something like : " npm install " to install a program. maintainers upload code updates to npm so that users and administrators …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1204.002Malicious File
65%
“attackers are attempting to trick users into installing malicious visual basic script ( vbs ) files. " the campaign relies on a combination of social engineering and living - off - the - land techniques, " microsoft says. " it uses renamed windows utilities to blend into normal s…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
60%
“##lnerabilities - in - firefox - 150 / - users advised to drop passwords and make room for passkeys. but are you ok with that? : https : / / www. helpnetsecurity. com / 2026 / 04 / 24 / ncsc - passkey - adoption - cybersecurity / - ai models are getting better at social engineeri…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1059.005Visual Basic
53%
“attackers are attempting to trick users into installing malicious visual basic script ( vbs ) files. " the campaign relies on a combination of social engineering and living - off - the - land techniques, " microsoft says. " it uses renamed windows utilities to blend into normal s…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
42%
“. but the scam started two weeks ago. we are very fortunate that the involved maintainer, jason saayman, went public with what happened and how he was scammed. if i could give him an international award, i would. [ continued ] blog post with links : https : / / blog. knowbe4. com…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1036.003Rename Legitimate Utilities
36%
“attackers are attempting to trick users into installing malicious visual basic script ( vbs ) files. " the campaign relies on a combination of social engineering and living - off - the - land techniques, " microsoft says. " it uses renamed windows utilities to blend into normal s…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1657Financial Theft
35%
“com / world / asia / cambodia - cybercrime - rise - why - 2f2c03cc pps : yet another ex - ransomware negotiator admits turning rogue after payoff from crime lords : https : / / www. theregister. com / 2026 / 04 / 21 / yet _ another _ ex _ ransomware _ negotiator _ pleads / - rich…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1218.005Mshta
32%
“attackers are attempting to trick users into installing malicious visual basic script ( vbs ) files. " the campaign relies on a combination of social engineering and living - off - the - land techniques, " microsoft says. " it uses renamed windows utilities to blend into normal s…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
