4 matches found
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence
In this article 1. Attack chain overview 1. Initial access: Exploiting edge appliances 2. Discovery and reconnaissance 3. Lateral movement and identity compromise 2. Mitigation and protection guidance 1. Microsoft Defender XDR detections 2. Advanced hunting 3. Indicators of compromise IOC 4. MITR...
CVE-2026-42889
Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were incorrectly treated as having full...
CVE-2025-65176
Dynatrace OneAgent (versions before 1.325.47) is vulnerable: when accessing a remote network share and encountering STATUS_LOGON_FAILURE, the agent retrieves all user tokens on the machine and impersonates them to repeatedly access the share, enabling potential NTLM relay attacks. Affected compon...
Octopus Server security vulnerability
Octopus Server is an automated deployment platform. Octopus Server suffers from a security vulnerability that stems from a Git connection checker that can initiate an SMB connection, leading to an NTLM relay attack...