Skip to content
Auto-CTI
Archive view — this data may be outdated.

CTI status

Joel Traber AG

As of:

Last pipeline run:

Status High

All threats

Sorted by KEV · Risk · EPSS
KEV NEW Microsoft
100

Microsoft Exchange Zero-Day Under Attack, No Patch Available

Active exploitation of an unpatched Microsoft Exchange zero-day without available patch indicates coordinated nation-state or APT campaign and requires immediate mitigation measures for affected production environments.

Critical CVSS 8.1 EPSS 12%
NEW Storm-2949
20

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 demonstrates how attackers leverage compromised identities for lateral movement across cloud-wide systems,a critical risk for organizations dependent on Microsoft 365 and Entra ID, especially in the DACH region facing elevated APT pressure.

High
NEW
20

The New Phishing Click: How OAuth Consent Bypasses MFA

The attack bypasses MFA not through technical vulnerabilities, but via social engineering of fake device-login prompts that trick users into OAuth consent, exfiltrating tokens , a paradigm shift from technical to social attack patterns.

High
What has changed since yesterday? →
ESC