They Got In Through SonicWall. Then They Tried to Kill Every Security Tool
Summary In early February 2026, Huntress responded to an intrusion where threat actors leveraged compromised SonicWall SSLVPN credentials to gain initial access to a victim…
Category: ThreatIntelligence-IncidentResponse
AI Patch Reliability Score – Predict and Prioritize Patch Impact
What do advisory USN-7545-1 and Windows updates KB5065426, KB5063878, KB5055523, and KB5066835 have in common? Based on anonymized Qualys telemetry from 2025, they were among…
CVE-2026-20127 Zero-Day Auth Bypass Exploited
Exploitation of a maximum severity authentication bypass zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and Manager has been reported. Immediate patching is recommended to thwart…
Manage your Elastic security stack as code with the Elastic Stack Terraform provider — Elastic Security Labs
The Elastic Stack Terraform provider has reached a significant milestone. Starting with release v0.13.1, you can manage your Elastic security posture – detection rules, exception…
KongTuke FileFix Leads to New Interlock RAT Variant
Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT).…
From Bing Search to Ransomware: Bumblebee and AdaptixC2 Deliver Akira
Detect case variation in command execution: Hunt for mixed-case command invocations like Cmd.eXE, CmD.Exe which may indicate evasion attempts Behavioral Correlation Rules Hunt for FileZilla installation on servers…