Tag: huntress
9 articles

Hackers Exploit Microsoft 365 Flaws with 81 Million Login Attempts
In just two weeks, a massive password-spraying campaign racked up over 81 million login attempts, compromising 78 Microsoft 365 accounts across 64 organizations and highlighting a dramatic surge in cyber threats. This alarming trend saw a 155-fold increase in attacks, with organizations now facing an average of 1,964 failed login attempts per month.

Huntress Insider Threat Exposed in Ransomware Probe Leak
A Huntress insider reportedly made a grave mistake, casually disclosing to a cybercriminal that law enforcement was on their tail - a moment of poor judgment that fell short of the company's high standards. The alarming exchange was part of a larger pattern of questionable communication uncovered between the currently employed threat hunter and the threat actor.

Huntress Insider Leak Exposes Potential Security Breach
A shocking security breach at Huntress has come to light, with a former analyst claiming that a colleague may have compromised the company's integrity by passing sensitive law enforcement communications to a notorious cybercriminal. The explosive allegations have left many questions unanswered about the breach and its potential impact.

Unpatched Windows Search Flaw Exposes User Hashes
A newly discovered vulnerability in Windows' search feature can be exploited to steal user passwords, allowing hackers to gain access to sensitive information. By simply clicking on a malicious link, a user's login credentials can be exposed to attackers.

Russian Cyber Threat Stunning Severe GenAI Fortinet Breach
What began as a routine probe of FortiGate appliances turned into a forensic goldmine when telemetry revealed a Russian‑speaking operator leaning on generative AI to craft and adapt attack steps. Their slip transformed a stealthy intrusion into a clear warning: GenAI can supercharge low‑skill attackers — and leave the very traces that expose them.

VMware ESXi exploited by China-linked hackers: Exclusive
What if the hypervisor that protects your virtual machines became the door into your entire datacenter? Huntress says China-linked hackers had a working VMware ESXi escape kit and were exploiting it more than a year before the bugs were disclosed, leaving organizations dangerously exposed.

attacker surveillance: Exclusive Risky Ethics Debate
Huntress’s cheeky description of an attacker “on a silver platter” has split infosec — praised by some as a rare, practical learning moment and criticized by others for risking privacy, investigative integrity, and even giving attackers tips. The debate highlights a bigger question: how can defenders share real-world lessons widely without creating new vulnerabilities or harming victims?

AI-powered operations: Stunning Exposure, Defender Win
An attacker’s bid for stealth backfired when legitimate security software exposed their AI‑assisted playbook — Huntress telemetry captured model‑like artifacts that turned a covert campaign into a forensic treasure trove, proving AI speeds attacks but also leaves telltale traces defenders can use.

CVSS 10 RCE in Wing FTP Exploited Within 24 Hours Warns Security Experts
A critical vulnerability in Wing FTP Server was exploited by attackers less than 24 hours after its public disclosure—proving just how fast threats can strike and why quick patching is more crucial than ever.