active directory Archives • Daily CyberSecurity

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory UNC6692 SNOW Malware Suite

UNC6692 Uses MS Teams and Cloud Reputations to Hijack Active Directory

Do Son April 27, 2026

A sophisticated new threat actor, UNC6692, is redefining the art of the initial breach. According to a...

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

EV2GO Charging Platform ICSA-26-057-04 Lazarus Group, Crypto Hacks LazyStealer

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors

Do Son March 19, 2026

The Warlock ransomware group (also tracked as Water Manaul) has significantly sharpened its claws. A recent deep-dive...

Cisco SD-WAN Vulnerability CVE-2026-20133 FortiGate Compromise Ivanti EPMM Zero-Day CVE-2026-1281 SmarterMail Vulnerability Storm-2603 WatchGuard Zero-Day, IKEv2 Out-of-Bounds Write Cisco Zero-Day, UAT-9686 Chinese APT FortiWeb RCE Exploitation CVE-2025-58034 VMware Zero-Day, Privilege Escalation Sitecore, remote code execution CVE-2025-53690 Windows CLFS, Privilege Escalation CVE-2024-47575 & CVE-2024-11120 CVE-2025-24983 vulnerability

SentinelOne Unmasks Exploitation of FortiGate Appliances as Gateways to Network Takeover

Do Son March 15, 2026

The SentinelOne Digital Forensics & Incident Response (DFIR) team issued a warning: the very appliances designed to...

PoC Exploit Disclosed: Researcher Unveils Windows MS-EVEN RPC Vulnerability

Do Son March 15, 2026

The SafeBreach Labs research team has pulled back the curtain on a significant security weakness in the...

Everon OCPP Vulnerability CVE-2026-26288 ASUSTOR ADM Vulnerability CVE-2026-24936 PrismX MX100 Vulnerability Hard-Coded Credentials Advantech Vulnerability CVE-2025-52694 Eaton UPS Companion, CVE-2025-59887 ASUS Router, Authentication Bypass ASUSTOR DLL Hijacking, Privilege Escalation OpenShift AI, Privilege Escalation GoAnywhere vulnerability CVE-2025-10035 LangChainGo, template injection DeepDiff, class pollution ToolShell Sunshine, CSRF Vulnerability KACE SMA, Critical Vulnerabilities Oracle Zero-Days - PDQ Deploy vulnerability

CVE-2026-24936: Critical ASUSTOR Flaw (CVSS 9.5) Allows Remote System Takeover

Do Son February 4, 2026

A severe vulnerability has been discovered in ASUSTOR ADM (ASUSTOR Data Master), the operating system that powers...

Zoho Patches Critical “9.1” Flaw in ADSelfService Plus CVE-2025-1723 ManageEngine Vulnerability CVE-2025-11250

Zoho Patches Critical “9.1” Flaw in ADSelfService Plus

Do Son January 15, 2026

ManageEngine has issued a critical security alert for ADSelfService Plus, its widely used self-service password management and...

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA

Do Son December 25, 2025

Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to...

Researcher Details Windows SMB Server Elevation of Privilege Vulnerability – CVE-2025-58726 Kerberos Reflection, Ghost SPN

Researcher Details Windows SMB Server Elevation of Privilege Vulnerability – CVE-2025-58726

Do Son November 4, 2025

A newly disclosed Windows vulnerability, CVE-2025-58726, allows attackers with low privileges to gain SYSTEM-level access remotely by...

Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs CVE-2023-0614 Samba RCE, CVE-2025-10230

Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs

Do Son October 16, 2025

The Samba Team has released an urgent security advisory addressing two vulnerabilities, including a critical command injection...

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch BadSuccessor, Active Directory

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch

Do Son August 30, 2025

At DEF CON 2025, Akamai security researcher Yuval Gordon revealed the story of BadSuccessor (CVE-2025-53779), an Active...

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx Sinobi Group, ransomware

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

Do Son August 29, 2025

Recently, eSentire’s Threat Response Unit (TRU) investigated a ransomware attack that it has attributed to an affiliate...

The Win-DDoS Epidemic: New Flaws Weaponize Windows Domain Controllers for Massive DoS Attacks, PoC Releases

Do Son August 12, 2025

SafeBreach Labs researchers have uncovered a new class of denial-of-service (DoS) vulnerabilities in Microsoft Windows that could...

EPM Poisoning (CVE-2025-49760): New Windows RPC Exploit Hijacks Services, Allowing Full Active Directory Compromise, PoC Releases

Do Son August 12, 2025

Security researcher Ron Ben Yizhak from SafeBreach Labs has uncovered a novel attack technique dubbed Endpoint Mapper...

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation OneLogin Vulnerability, Active Directory Hack

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation

Do Son June 17, 2025

A recent investigation by SpecterOps has uncovered a chain of critical vulnerabilities in OneLogin’s Active Directory (AD)...

Microsoft Defender for Identity Flaw (CVE-2025-26685) Allows Unauthenticated Privilege Escalation

Do Son June 15, 2025

Researchers at NetSPI detailed a spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI). This flaw, while...

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available Windows Zero-Day Kerberos relay

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Do Son June 12, 2025

A newly disclosed vulnerability, CVE-2025-33073, revealed by RedTeam Pentesting GmbH, exposes a critical flaw in Microsoft Windows’...

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory Active Directory, GPO Persistence

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory

Do Son June 6, 2025

A newly published report by Antoine Cauchois, Staff Research Engineer at Tenable, reveals a stealthy persistence technique...

Windows Server 2025 “BadSuccessor” Flaw Allows Domain Takeover (PoC Available, No Patch)

Do Son May 27, 2025

Akamai security researcher Yuval Gordon has uncovered an Active Directory privilege escalation vulnerability in Windows Server 2025,...

Microsoft Issues Guidance to Combat Rising Kerberoasting Attacks

Do Son October 13, 2024

Microsoft has released new guidance to help organizations defend against Kerberoasting attacks, a growing threat to Active...

Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required Zyxel security - Mitel MiCollab Vulnerability

Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required

Do Son October 10, 2024

A recent security announcement from security researcher Serhii Boiarynov at the Zyxel EMEA team has uncovered malicious...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

active directory

Warlock Ransomware Evolves: New Tools and Kernel-Level Evasion Threaten Global Sectors

SentinelOne Unmasks Exploitation of FortiGate Appliances as Gateways to Network Takeover

PoC Exploit Disclosed: Researcher Unveils Windows MS-EVEN RPC Vulnerability

CVE-2026-24936: Critical ASUSTOR Flaw (CVSS 9.5) Allows Remote System Takeover

Zoho Patches Critical “9.1” Flaw in ADSelfService Plus

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA

Researcher Details Windows SMB Server Elevation of Privilege Vulnerability – CVE-2025-58726

Critical Samba RCE Flaw CVE-2025-10230 (CVSS 10.0) Allows Unauthenticated Command Injection on AD DCs

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch

Is This a Rebrand? New Sinobi Ransomware Group Shows Code Overlap with Lynx

The Win-DDoS Epidemic: New Flaws Weaponize Windows Domain Controllers for Massive DoS Attacks, PoC Releases

EPM Poisoning (CVE-2025-49760): New Windows RPC Exploit Hijacks Services, Allowing Full Active Directory Compromise, PoC Releases

OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation

Microsoft Defender for Identity Flaw (CVE-2025-26685) Allows Unauthenticated Privilege Escalation

Zero-Day Alert: Remotely Escalate Privileges to SYSTEM via Kerberos Relay – PoC Available

Weaponizing Group Policy: Custom Client-Side Extensions as a Stealthy Backdoor into Active Directory

Windows Server 2025 “BadSuccessor” Flaw Allows Domain Takeover (PoC Available, No Patch)

Microsoft Issues Guidance to Combat Rising Kerberoasting Attacks

Zyxel Devices Targeted by Malicious Actors: Urgent Firmware Update Required