SlashAndGrab ConnectWise ScreenConnect Vulnerability | Huntress
The “exploit” is trivial and embarrassingly easy. These are words you never want to hear when talking about vulnerabilities in a widely used product, but…
Category: ThreatIntelligence-IncidentResponse
Don’t Get Security from Your RMM Provider: Know the Risks
Imagine you’re playing in the big game. With only a minute left in the fourth quarter your team is one yard away from sealing the…
That “Friendly” Prompt is ClickFix
Cybercrime isn’t the chaotic mess of random attacks people still imagine. It’s a booming global economy, projected to cost the world $12.2 trillion annually by…
The Three-Finger Test | Huntress
Three fingers. That’s not just a perfect volume for a glass of scotch, it’s also all it took to expose a deepfake. Jim Browning is…
OpenClaw, Rogue Agents, and Application Hygiene
Acknowledgements: Special thanks to the Huntress Adversary Tactics and Product teams for their work building out identity telemetry, Rogue Applications, and SIEM detections that made…
Decoding NightSpire: Ransomware IOCs Aren’t Set in Stone
Our industry has a ransomware actor categorization problem. News articles will frequently feature splashy headlines like “Akira ransomware group targets critical infrastructure.” However, the reality…
Signals from the Cloud Security Forecast 2026: Cloud Risk Is Scaling through Design, Not Disruption
Key Takeaways Identity and permissions now determine what is reachable, making them the primary drivers of cloud risk. Runtime exposure, not individual findings, determines how…
Protecting Against Session Hijacking & Credential Theft
Cybercriminals are constantly refining their tactics and attack methodologies. With growing threats like session hijacking and credential theft, these aren’t just buzzwords—they’re real threats that…
Phishing in the Fast Lane
Phishing continues to be a hot-button issue and a prevalent worry for many, so let’s keep this conversation alive. In a recent installment of Tradecraft…
Chaos to Clarity: How Our Community Helped Transform SIEM
The Origin Story This is a hero’s journey, just not the kind you think. No caped crusaders or radioactive spiders here. It’s about a real-life…
CVE-2026-35616 Fortinet FortiClientEMS zero-day exploited
Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways: CVE-2026-35616, an improper access control vulnerability,…
You’re the “Why” Behind the Huntress Hub
When it comes to getting your security right, you shouldn’t have to go about it alone. It can take way more time and resources than…