Tag

Exploit

4 briefs RSS

DarkSword iOS Exploit Used in Infostealer Attack

A new exploit dubbed 'DarkSword' is being actively exploited in infostealer campaigns targeting iPhones, potentially leading to unauthorized data access and device compromise.

ios exploit infostealer darksword

2r 3t Mar 19, 2026

high advisory

DarkSword iOS Exploit Chain Proliferation

1 rule 2 TTPs

The DarkSword exploit chain targets iOS versions 18 and under by exploiting a WebKit vulnerability, and is being adopted by multiple threat actors for initial access and execution.

ios exploit webkit darksword

1r 2t Mar 19, 2026

high advisory

Fortigate VPN CVE-2023-27997 Exploitation Attempt

2 rules 1 TTP 1 IOC

IDS alerts indicate a potential exploitation attempt against a Fortigate VPN server using CVE-2023-27997, characterized by repeated GET requests to the /remote/logincheck endpoint originating from a specific IPv6 address.

fortigate vpn cve-2023-27997 exploit initial-access

2r 1t 1i Feb 28, 2026

high advisory

Fortigate VPN Exploit Attempt via CVE-2023-27997 and Suspicious User-Agent

3 rules 2 TTPs 3 IOCs

Multiple IDS alerts indicate potential exploitation attempts against Fortigate VPN servers using CVE-2023-27997, alongside traffic from a suspicious user agent, possibly indicating reconnaissance or exploit activity.

fortigate vpn cve-2023-27997 exploit network

3r 2t 3i Feb 26, 2026