Infostealers Crash Course: A Tradecraft Tuesday Recap
If a threat actor launches a ransomware, extortion, or identity theft attack, the odds are that infostealers—and the credentials they’ve compromised—are behind it. Infostealers have…
Month: March 2026
FortiGate Firewalls Exploited in Wave of Attacks to Breach Networks and Steal Credentials
A series of intrusions in early 2026 in which threat actors compromised FortiGate Next-Generation Firewalls (NGFW) to establish persistent footholds within enterprise environments. Each case…
Introducing Threat Simulator for Better Employee Security Awareness Training. Start Your Trial Today.
Cyberattacks are constantly evolving. Does your security awareness training keep up? Most businesses have some form of security awareness training (SAT), but traditional SAT hasn’t…
Extending Threat Coverage on Macs with XProtect and Microsoft Defender for Endpoint
As Macs keep growing in popularity with businesses of all types and sizes, they’ve also started catching the eye of hackers. An increased focus by…
CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed
Ravie LakshmananMar 12, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to…
How Huntress Addresses Lateral Movement
Lateral movement is one of the most common attack tactics that attackers use once they’re inside an organization. Leveraging lateral movement techniques allows attackers to…
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and conduct financial fraud. The Android…
CISA warns of actively exploited Ivanti EPM and Cisco SD-WAN flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that an authentication bypass vulnerability patched in Ivanti Endpoint Manager (EPM) last month is now…
Introducing Behavior-Based Assignments | Huntress
In 2023, Huntress Managed Endpoint Detection and Response (EDR) conducted an assessment to detect exposed passwords across all of our managed endpoints and found that…
Veeam warns of critical flaws exposing backup servers to RCE attacks
Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities. VBR is…
Apple Issues Security Updates for Older iOS Devices Targeted by Coruna WebKit Exploit
Ravie LakshmananMar 12, 2026Vulnerability / Malware Apple on Wednesday backported fixes for a security flaw in iOS, iPadOS, and macOS Sonoma to older versions after…
Resumés with malicious ISO attachments are circulating, says Aryaka
Defensive strategies “It is virtually impossible to instill sophisticated levels of knowledge for every user of technology to be able to correctly identify malicious communications,”…