Huntress
Coverage of Huntress in the Nexus archive.
- Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts
Cybersecurity researchers have identified a password spray attack targeting Microsoft's Azure CLI, compromising at least 78 accounts through 81 million+ login attempts. The attack, tracked by Huntress, originates from an IPv6 range controlled by LSHIY LLC (AS32167) and occurred between June 12 and June 26.
- Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers disclosed an unpatched vulnerability in the Windows search: URI handler that could allow attackers to steal NTLMv2 hashes. The issue is similar to CVE-2026-33829, which affected the Windows Snipping Tool's ms-screensketch: URI handler, and was identified by Huntress.
- Arctic Wolf kicks 250 employees out of the pack to save money for AI
Arctic Wolf laid off 250 employees to invest more in AI and position the company for long-term strategy. The layoffs represent less than 10 percent of the total workforce. The company aims to operate more efficiently and deliver strong value to customers.
- Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Huntress warns that three zero-day vulnerabilities in Microsoft Defender—BlueHammer, RedSun, and UnDefend—are being actively exploited by threat actors to gain elevated system privileges. Two of these vulnerabilities remain unpatched, posing ongoing security risks.