Klue breach lead to Salesforce data theft, Huntress affected 2026-06-19 at 15:57 By Zeljka Zorz Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sales data across various business tools. Huntress published a detailed account of the incident on June 18, […]
Klue breach lead to Salesforce data theft, Huntress affected Read More »
Cybersecurity Firms Impacted by Klue Supply Chain Attack 2026-06-19 at 12:19 By Ionut Arghire The hackers exfiltrated data from Salesforce instances of Klue customers, such as Huntress and Recorded Future. The post Cybersecurity Firms Impacted by Klue Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Cybersecurity Firms Impacted by Klue Supply Chain Attack Read More »
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild 2026-04-17 at 14:32 By Zeljka Zorz The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw
Huntress adds tools to its Agentic Security Platform to detect, fix, and prevent endpoint and identity risks 2026-03-17 at 16:02 By Industry News Huntress has announced Managed Endpoint Security Posture Management (ESPM) and Managed Identity Security Posture Management (ISPM), expanding its Agentic Security Platform to deliver end-to-end protection across endpoints, identities, and human risk. Huntress
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or
Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »
Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user
Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »
Fake “Windows Update” screens fuels new wave of ClickFix attacks 2025-11-25 at 15:02 By Zeljka Zorz A convincing (but fake) “Windows Update” screen can be the perfect lure for tricking users into infecting their computers with malware. Add a multi-stage delivery chain with some offbeat techniques, and infostealer operators have everything they need to slip
Fake “Windows Update” screens fuels new wave of ClickFix attacks Read More »
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) 2025-10-30 at 15:46 By Zeljka Zorz Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) Read More »
Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has
Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents 2025-09-16 at 15:46 By Zeljka Zorz All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security service providers and external incident responders have had a
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents Read More »
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls 2025-08-07 at 14:34 By Zeljka Zorz Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 at 15:32 By Zeljka Zorz Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution used by businesses,
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) Read More »
Samsung patches MagicINFO 9 Server vulnerability exploited by attackers 2025-05-15 at 14:18 By Zeljka Zorz Companies running Samsung MagicINFO, a platform for managing content on Samsung commercial digital displays, should upgrade to the latest available version of its v9 branch to fix a vulnerability that’s reportedly being exploited by attackers. If this advice sounds familiar,
Samsung patches MagicINFO 9 Server vulnerability exploited by attackers Read More »
Huntress upgrades Managed ITDR to disrupt hacker tradecraft 2025-04-29 at 11:32 By Industry News Huntress has unveiled its newly enhanced Managed Identity Threat Detection and Response (ITDR) solution, purpose-built to wreck hacker identity tradecraft, alongside new research on the growing threat of identity-based attacks and organizations’ ability to defend against them. Drawing insights from an
Huntress upgrades Managed ITDR to disrupt hacker tradecraft Read More »
Cleo patches zero-day exploited by ransomware gang 2024-12-12 at 18:34 By Zeljka Zorz Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was pushed out on Wednesday, plugs the
Cleo patches zero-day exploited by ransomware gang Read More »
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) 2024-12-10 at 15:35 By Zeljka Zorz Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday. “We’ve discovered at least 10 businesses whose Cleo servers were
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623) Read More »
Infosec products of the month: September 2024 2024-10-01 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Absolute, anecdotes, ArmorCode, Binarly, Bitdefender, Druva, F5 Networks, Gcore, Guardsquare, Huntress, Ketch, LOKKER, Malwarebytes, NETGEAR, Nudge Security, Prompt Security, Rapid7, Revenera, Skyhigh Security, Strivacity, Tenable, Trellix,
Infosec products of the month: September 2024 Read More »
Hackers breaching construction firms via specialized accounting software 2024-09-18 at 17:16 By Zeljka Zorz Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. “We’re seeing active intrusions among plumbing, HVAC, concrete, and similar sub-industries,” they noted. A way into corporate networks Ohio-based Foundation
Hackers breaching construction firms via specialized accounting software Read More »
New infosec products of the week: September 13, 2024 2024-09-13 at 06:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Druva, Huntress, Ketch, LOKKER, Tenable, Trellix, and Wing Security. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins Tenable AI Aware
New infosec products of the week: September 13, 2024 Read More »
Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs 2024-09-10 at 09:31 By Industry News Huntress announces the arrival of its new Managed SIEM solution, designed to serve small—to mid-sized enterprises and their MSP allies with everything a Security Information and Event Management (SIEM) should provide and none of what makes traditional SIEMs ineffective
Huntress launches Managed SIEM, eliminating the complexity of traditional SIEMs Read More »