Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
The Mandiant Advanced Practices team previously published a threat research blog post that provided an overview of UNC1945 ( LightBasin ) operations where the actor compromised managed services providers to gain access to targets in the financial and professional consulting industries. Since that time, Mandiant has investigated and attributed several intrusions to a threat cluster we believe has a nexus to this actor, currently being tracked as UNC2891. Through these investigations, Mandiant has discovered additional techniques, malware, and utilities being used by UNC2891 alongside those previously observed in use by UNC1945. Despite having identified significant overlaps between these threat clusters, Mandiant has not determined they are attributable to the same actor.
No exploited CVEs have been attributed to this threat actor yet.
Browse CVE Database