Malware Deep Dive | Huntress
When we come across a persistent foothold, it’s often just the tip of the iceberg. The Huntress SOC team flagged a user Run Key value…
Month: May 2026
Charter Communications data breach affects 4.9 million accounts
The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data…
Microsoft Releases KB5089573 for Windows 11 to Fix Patch Tuesday Install Issues
Microsoft has rolled out a new cumulative update, KB5089573, for Windows 11 versions 25H2 and 24H2, targeting a critical installation failure that affected users following…
GitLab Patches Multiple Duo AI, DoS, and Authorization Vulnerabilities
GitLab has released patch versions 19.0.1, 18.11.4, and 18.10.7 to fix seven security issues affecting GitLab CE and EE, including Duo AI workflow runner access…
Iranian Hackers Deploy MiniFast and MiniJunk V2 via Phishing and SEO Poisoning
The Iranian state-sponsored threat actor known as Nimbus Manticore (aka Screening Serpens and UNC1549) has been attributed to a fresh campaign using lures impersonating organizations…
Challenging AI hype narratives with director Valerie Veatch
Artificial intelligence (AI) has been engulfed by hype. Boosters and doomers alike speak prophetically about the coming utopias and dystopias that will be ushered in…
What the industrialization of exploitation means for defenders
Think about what your team used to rely on. Attackers left clues that telegraphed their presence – patterns you could learn, signatures you could catch…
Threat Advisory: Hackers Are Exploiting CVE-2021-40444
On September 7, Huntress was made aware of a new threat against Windows operating systems and Microsoft Office products. With the identifier CVE-2021-40444, the MSHTML…
US charges Google security engineer with Polymarket insider trading
A Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction…
Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild
Palo Alto Networks authentication bypass vulnerability, CVE-2026-0257, affecting PAN-OS and Prisma Access, is now being actively exploited in the wild, with CISA adding it to…
Trusted Dev Tools Abused to Steal Code and Secrets
Attackers are increasingly weaponizing trusted developer tools to infiltrate software supply chains, with CISA warning of multiple ongoing campaigns targeting CI/CD ecosystems and developer workflows.…
Gitea Vulnerability Exposes Private Container Images without Authentication
Ravie LakshmananMay 27, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows…