Vendor
high
advisory
Nx Console Compromised Extension Harvesting Credentials (CVE-2026-48027)
2 rules 1 TTP 1 CVENx Console contained an embedded malicious code vulnerability (CVE-2026-48027) which allowed a malicious version of the extension to be published and harvest credentials from disk and memory.
Nx Console
supply-chain
credential-theft
cve
2r
1t
1c
high
advisory
DNS Kerberos Coercion Attempt Detection
3 rules 3 TTPs 5 CVEs 2 IOCsThis brief details the detection of DNS-based Kerberos coercion attacks, where adversaries inject marshaled credential structures into DNS records to spoof SPNs and redirect authentication, as seen in CVE-2025-33073, using Suricata and Sysmon event ID 22.
PoC
Fortinet edge appliances +32
kerberos
coercion
dns
cve-2025-33073
3r
3t
5c
2i
updated