Adam Shostack  

"having considerable success exploiting publicly known common vulnerabilities and exposures (CVEs) and other avoidable weaknesses within compromised infrastructure [T1190].
Exploitation of zero-day vulnerabilities has not been observed to date."

So you're saying they're script kiddies and they're totally pwning the telecoms sector worldwide?

What about this is "advanced?"

https://www.ic3.gov/CSA/2025/250827.pdf

Aug 27, 2025 at 6:28pmWeb
Show threadChris PetrilliAug 27, 2025
@adamshostack advanced persistent teenagers.
Show threadcrypt0cler1cAug 27, 2025
@adamshostack From the outside we assume that systems are properly secured and institutions are responsible and the reality inside many Orgs is basically duct tape and living on a prayer.