Skip to content

Commit c551e22

Browse files
committed
Release v4.8.0
Techniques are now sorted alphabetically when displayed under tactics. Update the website to use ATLAS Data v5.1.0
1 parent e841b34 commit c551e22

12 files changed

Lines changed: 115 additions & 6 deletions

File tree

CHANGELOG.md

Lines changed: 14 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,25 @@
11
# ATLAS Website Changelog
22

3+
## [4.8.0]() (2025-11-06)
4+
5+
#### Website v4.8.0
6+
7+
- Updated the website to use ATLAS Data v5.1.0
8+
- Techniques are now sorted alphabetically when displayed under tactics.
9+
10+
#### Data
11+
12+
- Updated ATLAS data to [version 5.1.0](https://github.com/mitre-atlas/atlas-data/blob/main/CHANGELOG.md#510-2025-11-06)
13+
314
## [4.7.1]() (2025-10-21)
415

5-
##### Website v4.7.1
16+
#### Website v4.7.1
617

718
- Updated contributors and corrected v4.6.0 release notes.
819

920
## [4.7.0]() (2025-10-15)
1021

11-
##### Website v4.7.0
22+
#### Website v4.7.0
1223

1324
- Added technique maturity filter to matrix view
1425
- Added technique maturity tooltip to technique pages
@@ -19,7 +30,7 @@
1930

2031
## [4.6.0]() (2024-09-30)
2132

22-
##### Website v4.6.0
33+
#### Website v4.6.0
2334

2435
- New techniques focused on generative and agentic AI.
2536
- New phishing website detector evasion case study.

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"name": "atlas-website",
33
"type": "module",
4-
"version": "4.7.1",
4+
"version": "4.8.0",
55
"private": true,
66
"scripts": {
77
"build": "run-p type-check \"build-only {@}\" --",

public/content/contributorslist.yaml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -265,3 +265,21 @@ data:
265265
- organization: Cisco
266266
contributors:
267267
- Hyrum Anderson
268+
269+
- organization: Lumia Security
270+
contributors:
271+
- Stiv Kupchik
272+
273+
- organization: Pillar Security
274+
contributors:
275+
- Ziv Karliner
276+
277+
- organization: Bank of America
278+
279+
- organization: Fortinet
280+
281+
- organization: Lloyds Banking Group
282+
283+
- organization: Siemens
284+
285+
- organization: Sopra Steria

public/content/update-files/2025-10.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ Added technique maturity filter to matrix view and tooltip to technique pages.
1212

1313
Minor language tweaks and typo fixes.
1414

15-
##### Release Statement
15+
###### Release Statement
1616

1717
©2025 The MITRE Corporation. ALL RIGHTS RESERVED
1818

Lines changed: 79 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,79 @@
1+
#### November 2025
2+
3+
##### Website v4.8.0
4+
5+
- Updated the website to use ATLAS Data v5.1.0
6+
- Techniques are now sorted alphabetically when displayed under tactics.
7+
8+
##### Data v5.1.0
9+
10+
This version of ATLAS data contains 1 matrix, 16 tactics, 84 techniques, 56 sub-techniques, 32 mitigations, and 42 case studies.
11+
12+
###### Tactics
13+
14+
- Added a new tactic
15+
16+
- [Lateral Movement](/techniques/AML.TA0015)
17+
18+
###### Techniques
19+
20+
- Added new techniques
21+
22+
- [Gather Victim Identity Information](/techniques/AML.T0087)
23+
- [Generate Deepfakes](/techniques/AML.T0088)
24+
- [Process Discovery](/techniques/AML.T0089)
25+
- [OS Credential Dumping](/techniques/AML.T0090)
26+
- [Use Alternate Authentication Material](/techniques/AML.T0091)
27+
- [Use Alternate Authentication Material: Application Access Token](/techniques/AML.T0091.000)
28+
- [Manipulate User LLM Chat History](/techniques/AML.T0092)
29+
- [Prompt Infiltration via Public-Facing Application](/techniques/AML.T0093)
30+
- [Delay Execution of LLM Instructions](/techniques/AML.T0094)
31+
- [Search Open Websites/Domains](/techniques/AML.T0095)
32+
33+
- Updated existing techniques
34+
35+
- [Active Scanning](/techniques/AML.T0006)
36+
- [Evade AI Model](/techniques/AML.T0015)
37+
- [Exfiltration via AI Inference API: Infer Training Data Membership](/techniques/AML.T0024.000)
38+
- [LLM Prompt Injection: Triggered](/techniques/AML.T0051.002)
39+
- [AI Agent Tool Invocation](/techniques/AML.T0053)
40+
- [Data from AI Services](/techniques/AML.T0085)
41+
42+
###### Mitigations
43+
44+
- Added new mitigations
45+
- [Privileged AI Agent Permissions Configuration](/mitigations/AML.M0026)
46+
- [Single-User AI Agent Permissions Configuration](/mitigations/AML.M0027)
47+
- [AI Agent Tools Permissions Configuration](/mitigations/AML.M0028)
48+
- [Human In-the-Loop for AI Agent Actions](/mitigations/AML.M0029)
49+
- [Restrict AI Agent Tool Invocation on Untrusted Data](/mitigations/AML.M0030)
50+
- [Memory Hardening](/mitigations/AML.M0031)
51+
52+
###### Case Studies
53+
54+
- Added new case studies
55+
56+
- [Live Deepfake Image Injection to Evade Mobile KYC Verification](/studies/AML.CS0033)
57+
- [ProKYC: Deepfake Tool for Account Fraud Attacks](/studies/AML.CS0034)
58+
- [Data Exfiltration from Slack AI via Indirect Prompt Injection](/studies/AML.CS0035)
59+
- [AIKatz: Attacking LLM Desktop Applications](/studies/AML.CS0036)
60+
- [Data Exfiltration via Agent Tools in Copilot Studio](/studies/AML.CS0037)
61+
- [Planting Instructions for Delayed Automatic AI Agent Tool Invocation](/studies/AML.CS0038)
62+
- [Living Off AI: Prompt Injection via Jira Service Management](/studies/AML.CS0039)
63+
- [Hacking ChatGPT’s Memories with Prompt Injection](/studies/AML.CS0040)
64+
- [Rules File Backdoor: Supply Chain Attack on AI Coding Assistants](/studies/AML.CS0041)
65+
66+
- Updated existing case studies
67+
68+
- [Camera Hijack Attack on Facial Recognition System](/studies/AML.CS0004)
69+
- [Achieving Code Execution in MathGPT via Prompt Injection](/studies/AML.CS0016)
70+
- [Financial Transaction Hijacking with M365 Copilot as an Insider](/studies/AML.CS0026)
71+
- [Google Bard Conversation Exfiltration](/studies/AML.CS0029)
72+
- [ChatGPT Package Hallucination](/studies/AML.CS0022)
73+
74+
75+
###### Release Statement
76+
77+
©2025 The MITRE Corporation. ALL RIGHTS RESERVED
78+
79+
Approved for public release. Distribution unlimited 25-02579-5.
223 Bytes
Binary file not shown.
4 KB
Binary file not shown.
271 Bytes
Binary file not shown.
3.72 KB
Binary file not shown.

0 commit comments

Comments
 (0)