Home/ MITRE Matrix/ Credential Access/ T1606.001

T1606.001Web Cookies

T1606.001 — Web Cookies is a MITRE ATT&CK technique in the Credential Access tactic. Clankerusecase tracks 2 detection use cases covering it and 2 threat-intel articles citing it.

Credential Access

View on the matrix → Filter Detection Library MITRE official spec ↗

2Use cases

2Articles

0Sub-techniques

1Tactic

↑ Parent technique: T1606 · Forge Web Credentials

Use cases covering this technique (2)

[LLM] JWT token in HTTP Authorization header verifying against secret 'random' Bespoke actions · alerting DSPDDCW [LLM] HAXcms CVE-2026-46395: forged-JWT admin write within 30m of connectionSettings leak Bespoke actions · alerting DSP

Articles citing this technique (2)

crit [GHSA / CRITICAL] CVE-2026-48031: Go Restful API Boilerplate: Hardcoded JWT Secret "random" Allows Token Forgery art-64

crit [GHSA / CRITICAL] CVE-2026-46395: HAXcms: Private Key Disclosure via Broken HMAC Implementation art-261