
Threats Tagged 't1554'

View all threats tagged with 't1554'. Filter and sort to focus on specific types of threats.

Chromium extension uses AI‑related branding to redirect browser search

Microsoft Threat Intelligence identified a malicious Chromium extension spoofing Perplexity AI to deceive users into installing it. The extension's primary objective is search traffic interception and data collection through Manifest Version 3 capabilities and declarativeNetRequest rules. It routes both full search queries and real-time keystrokes through attacker-controlled infrastructure hosted on a typosquatted domain before redirecting to legitimate search providers. The extension overrides the browser's default search settings, captures user input at the keystroke level, and uses suspicious permissions inconsistent with legitimate AI assistants. The threat demonstrates how actors operationalize AI branding as a social engineering vector. Google removed the extension following responsible disclosure. Organizations should strengthen user awareness training and implement layered security strategies to detect similar threats.

Public and Private Medical Community Targeted by Threat Actor Pursuing Artificial Intelligence, Cyber, Medical, and National Defense Research

A sophisticated espionage campaign attributed to UNC6508, a China-nexus threat actor, targeted North American academic, medical, and military research institutions for over a year. The adversary exploited REDCap servers, deployed custom INFINITERED malware to harvest credentials, and maintained persistent access through trojanized legitimate files that survived software upgrades. After remaining undetected for more than a year, the threat actor pivoted to administrative accounts and created malicious content compliance rules to silently exfiltrate emails containing defense intelligence, Indo-Pacific command operations, artificial intelligence research, uncrewed vehicle systems, cyber programs, and medical research data. The operation employed sophisticated techniques including obfuscation networks routing through US-based infrastructure, compromised routers, and dedicated exfiltration accounts, demonstrating advanced operational security aligned with strategic intelligence collection requirements.
