Zero-day exploit completely defeats default Windows 11 BitLocker protections
A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to…
Month: May 2026
Patero, Orilla launch secure edge-to-enterprise platform for industrial AI and quantum-resistant communications
Patero, a provider of post-quantum encryption and secure communications technologies, and Orilla, an edge-native software company focused on industrial AI and DataOps, announced a partnership…
Bitdefender uncovers FamousSparrow attacks on Azerbaijan energy sector using DLL sideloading, Deed RAT malware
New research from Bitdefender detailed targeting an Azerbaijani oil and gas company in a multi-wave cyberespionage campaign that ran from late December 2025 through February…
Automating post-quantum cryptography readiness using AWS Config
Migrating your TLS endpoints to Post-quantum cryptography (PQC) starts with understanding your current TLS endpoint inventory and posture. This post introduces the PQC Readiness Scanner…
Defense in depth for autonomous AI agents
Designing Secure Autonomous AI Agents with Defense in Depth AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools,…
The Value of Managed EDR for the Modern MSP
If you’ve been following Huntress for a while, you already know that historically, our place in cybersecurity stacks has been to catch the threats that…
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company…
New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass
A newly uncovered malware framework is raising serious alarms across the cybersecurity community. Researchers have identified a previously unknown implant called TencShell, a sophisticated tool…
Critical WordPress Plugin Flaw Allows Unauthorized Access to Websites
A critical vulnerability in a widely used WordPress plugin has exposed more than 200,000 websites to potential takeover, raising urgent concerns across the security community.…
Fake Job Interview Apps Drop JobStealer Malware on Windows and macOS
A fake job interview is now being used as bait to steal crypto wallets, browser credentials, and sensitive files from both Windows and macOS users.…
Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
Researchers have found and disclosed yet another local privilege escalation (LPE) vulnerability in the Linux kernel: CVE-2026-46300, aka “Fragnesia”. The flaw is in the same…
Deepfake sextortion forces schools to remove student photos from websites
Schools love a good photo, whether it’s from a trip to a castle, a science prize ceremony, or sports day shot from three angles. For…