Industry Category

Business Supplies/Equipment

Breach intelligence, attack campaigns, and threat reports targeting the Business Supplies/Equipment sector.

5 threat reports

Business Supplies/Equipment Threat Reports

Zapier Exploit Chain Reveals Critical Cloud Security Vulnerabilities
Impact: high


In May 2026, researchers from Token Security identified a critical vulnerability in Zapier's platform, demonstrating how a series of misconfigurations and over-permissioned roles could lead to a full platform takeover. The exploit chain began with the ability to execute code within Zapier's 'Code by Zapier' feature, allowing attackers to perform sandbox reconnaissance and extract credentials from memory. This access enabled lateral movement to Zapier's private repositories, where a high-privilege NPM token was discovered, potentially allowing the publication of malicious code to all authenticated users. Zapier promptly addressed the issue by revoking the leaked token and tightening IAM roles, with full remediation confirmed by March 2026. This incident underscores the critical importance of securing cloud integrations and managing permissions effectively. As cloud services become increasingly complex, even minor misconfigurations can be exploited to orchestrate significant breaches, highlighting the need for continuous security assessments and robust access controls.

3 weeks ago

Kill Chain: Initial Compromise (high), Privilege Escalation (high), Lateral Movement (high), Command & Control (medium), Exfiltration (medium), Impact (high)

Zendesk 2026 Spam Campaign: A Wake-Up Call for Securing Support Systems
Impact: medium


In January 2026, a massive global spam campaign exploited unsecured Zendesk support systems, allowing attackers to flood users' inboxes with automated 'ticket received' emails. By abusing Zendesk instances that permitted unverified users to submit support tickets, attackers generated numerous fake tickets using large email lists. This resulted in victims receiving confirmation emails from legitimate Zendesk domains, enabling the messages to bypass spam filters and inundate users' inboxes. Affected organizations included major companies such as Discord, Tinder, Riot Games, Dropbox, CD Projekt, NordVPN, and various Tennessee state departments. Notably, the spam emails did not contain malware or phishing links but featured bizarre and seemingly pointless messages, such as fake law enforcement takedown requests and promotional offers. Zendesk acknowledged the issue and responded by implementing new safety measures, including enhanced monitoring and stricter activity limits to detect and halt spam efforts more effectively. The campaign began on January 18, 2026, but its current status remains unclear. ([techradar.com](https://www.techradar.com/pro/security/zendesk-tickets-hijacked-in-massive-spam-campaign?utm_source=openai)) This incident underscores the critical importance of securing customer support platforms against abuse. The exploitation of Zendesk's ticketing system highlights a broader trend where attackers leverage legitimate services to conduct spam campaigns, thereby evading traditional security measures. Organizations must proactively assess and fortify their support systems to prevent similar abuses, ensuring that such platforms do not become vectors for large-scale spam or other malicious activities.

4 months ago

Kill Chain: Initial Compromise (high), Privilege Escalation (high), Lateral Movement (high), Command & Control (high), Exfiltration (high), Impact (high)

Jabber Zeus Coder 'MrICQ' Arrested: Lessons from a Banking Trojan Empire
Impact: high


In October 2025, U.S. authorities took into custody Yuriy Igorevich Rybtsov, known online as "MrICQ," a key developer for the infamous Jabber Zeus cybercrime group. The group, active between 2009 and 2013, leveraged a custom version of the ZeuS banking trojan to compromise small and mid-sized business accounts, bypass multi-factor authentication, and orchestrate elaborate money-laundering schemes across multiple countries. MrICQ's primary role involved monitoring real-time breaches, facilitating payroll fraud via money mules, and supporting the laundering of illicit gains through electronic exchanges. This arrest follows years of cross-border law enforcement collaboration, building upon indictments and intelligence from forensic chat intercepts and international extraditions. This case highlights the evolving tactics of financially motivated threat actors, especially their capacity to defeat strong authentication and automate large-scale financial theft. The longevity and operational sophistication demonstrated by groups like Jabber Zeus underscore persistent vulnerabilities in online banking and the need for adaptive security controls across sectors.

5 months ago

Kill Chain: Initial Compromise (high), Privilege Escalation (medium), Lateral Movement (medium), Command & Control (high), Exfiltration (high), Impact (high)

Russian APT Attackers Compromise Ukrainian Networks Using Living-Off-the-Land (LOTL) Tactics
Impact: low


In mid-2025, Russian advanced persistent threat (APT) actors launched highly targeted campaigns against Ukrainian organizations, focusing on business services firms and local government entities. Over the course of several weeks, attackers gained initial access through stealthy living-off-the-land (LOTL) techniques, leveraging legitimate administrative tools and native Windows utilities to evade detection and persist on networks. Their primary objectives were the exfiltration of sensitive data and establishing long-term, covert access, which allowed the attackers to move laterally with minimal noise and avoid triggering common security alerts. The operational impact included compromise of confidential internal documents and increased risk to ongoing operations. This incident underscores a growing reliance on LOTL tactics by sophisticated nation-state actors, complicating traditional detection and response methods. With geopolitical tensions in Eastern Europe remaining high, organizations and government agencies must anticipate and defend against stealthy, low-profile intrusions that exploit trusted system tools to bypass conventional defenses.

5 months ago

Kill Chain: Initial Compromise (medium), Privilege Escalation (medium), Lateral Movement (medium), Command & Control (medium), Exfiltration (medium), Impact (low)

How Brickstorm Malware Evaded Detection in US Legal & Tech Sectors: A 2025 APT Case Study
Impact: medium


In 2025, Google’s Threat Intelligence Group uncovered that the UNC5221 threat actor, suspected to have ties to China, used the Brickstorm malware to conduct stealthy, long-term espionage campaigns against U.S. legal and technology organizations, SaaS providers, and BPOs. The attackers exploited zero-day vulnerabilities in enterprise edge devices lacking EDR protection, establishing persistent access for an average dwell time of over a year. Brickstorm enabled credential theft, lateral movement, and data exfiltration, often targeting email and sensitive code repositories, all while obfuscating forensic traces and regularly changing infrastructure. This incident highlights a growing trend of persistent, supply-chain-oriented APT attacks targeting critical sectors via unmonitored infrastructure. It underscores the importance of timely patching, segmentation, and improved visibility for hybrid and edge environments facing increasing risks from nation-state adversaries.

5 months ago

Kill Chain: Initial Compromise (medium), Privilege Escalation (high), Lateral Movement (high), Command & Control (high), Exfiltration (high), Impact (medium)