@huntandhackett.com
We are experts in cybersecurity, our specialists operate on the frontlines to help customers prevent, detect and respond to today’s most advanced adversaries. Visit our website: www.huntandhackett.com
The 2026 edition of our Trend Report is out now ⬇️
Underpinned by data from more than 54,000 investigations conducted by our SOC and Incident Response team in 2025, the report provides a bottom-up view of the threats facing Dutch organisations.
Download here: www.huntandhackett.com/2026-cyber-t...
ENISA released its Threat Landscape 2025.
It offers a detailed look at how Europe’s cyber ecosystem is evolving. The picture that emerges shows growing strain, where interconnected systems and persistent threats keep testing resilience.
Read the report here: www.enisa.europa.eu/publications...
🔐 New #blogpost
At H2, we recently moved from authenticator apps to #YubiKey (FIDO2) for company-wide MFA in Entra ID.
Why? Because it enables phishing-resistant, passwordless sign-ins at scale, raising the bar for our security.
Read about our journey here: www.huntandhackett.com/blog/raising...
Cyber espionage impacts more organisations than you think.
Join our next CyberConnect on Sept 9 in The Hague to learn how these operations work, who gets targeted, and see a live demo of tracking campaigns.
Sign up today: www.huntandhackett.com/understandin...
Hope you enjoy these as much as we did!
What’s the best thing you’ve read, watched, or tinkered with lately? Drop it in the comments! Our Hunters are always looking for their next rabbit hole. 🔍
🧵 7/7
𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐂𝐡𝐚𝐥𝐥𝐞𝐧𝐠𝐞𝐬 𝐢𝐧 𝐀𝐈 𝐀𝐠𝐞𝐧𝐭 𝐃𝐞𝐩𝐥𝐨𝐲𝐦𝐞𝐧𝐭
The largest AI agent red team ever: 1.8 million prompt-injection attacks, 60k policy violations, and proof that most agents still have a long way to go.
👉 arxiv.org/abs/2507.20526
🧵 6/7
𝐂𝐈𝐒-𝐇𝐚𝐫𝐝𝐞𝐧𝐞𝐝 𝐃𝐞𝐛𝐢𝐚𝐧 12 𝐀𝐌𝐈
A reproducible recipe for spinning up a CIS-benchmarked Debian AMI. Cloud-init friendly, and only skips the rules that actually make sense to skip.
👉 behzadan.com/posts/0004-c...
🧵5/7
𝐅𝐨𝐫𝐭𝐢𝐖𝐞𝐛 𝐏𝐫𝐞-𝐀𝐮𝐭𝐡 𝐑𝐂𝐄
From SQL injection to RCE in Fortinet’s WAF. Creative payloads, root-level fun, and a few laughs along the way.
👉 pwner.gg/blog/2025-07...
🧵 4/7
𝐂𝐫𝐚𝐜𝐤𝐢𝐧𝐠 𝐭𝐡𝐞 𝐕𝐚𝐮𝐥𝐭
Nine zero-days in HashiCorp Vault. Subtle logic flaws, the first public RCE in Vault, and a reminder that “secure” isn’t always secure.
👉 cyata.ai/blog/crackin...
🧵3/7
𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠 𝐒𝐩𝐞𝐜𝐢𝐚𝐥𝐢𝐬𝐭 𝐌𝐨𝐝𝐞𝐥𝐬
Small, self-hosted LLMs that can outshine the big guys — if you train them for one very specific, very sneaky job.
👉 www.outflank.nl/blog/2025/08...
🧵2/7
𝐖𝐡𝐚𝐭 𝐚𝐫𝐞 𝐨𝐮𝐫 𝐇𝐮𝐧𝐭𝐞𝐫𝐬 𝐢𝐧𝐭𝐨 𝐫𝐢𝐠𝐡𝐭 𝐧𝐨𝐰? 👀
We stumble across so many good things from the cybersecurity community and beyond, and we thought it'd be nice to share them.
So, here are some of the things our Hunters have been diving into lately:
🧵1/7
⚠️ Malware campaigns are hijacking SEO to trick users into downloading fake tools like PuTTY and ChatGPT.
A recent article by @thehackernews.bsky.social shows over 8,500 SMB users were targeted.
Head over to their website to read the full article: thehackernews.com/2025/07/seo-...
Threat Actor Profile: Sandworm
Linked to Russia’s GRU and active in 60+ countries, Sandworm targets critical infrastructure with sabotage, espionage, and disruption. Curious to learn more about this APT? Explore their threat profile in our Members' Portal:
www.huntandhackett.com/members/acto...
🚨New #blogpost: This week we’re unpacking our journey using open-source software to build a cloud-based IR lab from scratch, highlighting key obstacles and how we turned them into opportunities.
🔗https://www.huntandhackett.com/blog/turning-incident-response-challenges-into-scalable-solutions
Launching #DetectionsFromTheSOC 🚀
We're excited to announce our new series, 𝘋𝘦𝘵𝘦𝘤𝘵𝘪𝘰𝘯𝘴 𝘧𝘳𝘰𝘮 𝘵𝘩𝘦 𝘚𝘖𝘊, in which we share a behind-the-scenes look of how our SOC detects, investigates, and responds to real-world threats.
Head on over to our LinkedIn to check it out: www.linkedin.com/feed/update/...
🎤 We’re taking the stage at Hague TIX on June 10!
Hunt & Hackett is proud to sponsor and speak at one of Europe’s leading threat intel events. Diving into strategic cyber defence, Lazarus & SeaTurtle ops, and Europe’s cyber resilience.
#HagueTIX #ThreatIntel
Our next CyberConnect session is coming up: Security in Motion!
Visit our website for more information, and to sign-up:
www.huntandhackett.com/security-in-...
🚨 New blog!
We dive into reverse-engineering AFD.sys (a hidden part of Windows networking) to surface live socket data from other processes. This unlocks new capabilities for forensics, debugging, and reverse engineering.
Read it here: www.huntandhackett.com/blog/improvi...
We've updated our threat landscape on the logistics sector 🚛
On it, you'll find detailed actor overviews, analyses of recent cyberattacks in the logistics sector, and insights into emerging cybersecurity trends.
Curious? Take a look: www.huntandhackett.com/members/sect...
Op 16 mei organiseren we een interactieve workshop voor advocaten die cliënten adviseren op het gebied van privacy, informatiebeveiliging en incident response.
Meer informatie kun je vinden op onze website: www.huntandhackett.com/crisisworksh...
Join us at Google Amsterdam for our next session:
Securing Operational Technology: Fast Response, Strong Recovery
We’re hosting a session on how to boost operational resilience, secure OT environments, and align with evolving regulations.
Sign-up now:
www.huntandhackett.com/securing-ot
Yesterday, our security experts discussed the evolving threat landscape surrounding the upcoming NATO summit in The Hague.
A great opportunity to highlight cyber threats beyond the traditional security community; cross-domain awareness is key in today’s threat landscape.
Our hunters tackled the 44th edition NN Marathon Rotterdam! 🏁
Their legs might be sore today, but the bliss of victory was more than worth it. After all, every win starts with a challenge.
Huge respect to everyone who took on #demooiste with us. See you at the next one.
New #blog post in collaboration with Xebia ⚔️
As businesses become more interconnected, Operational Technology (OT) is increasingly targeted by cyber threats. In this blog, we explore OT security and raise awareness about its growing risks.
Read it here: www.huntandhackett.com/blog/evolvin...
🌎With the U.S. deprioritizing Russian cyber threats, barriers that once deterred Russian hackers from targeting Europe are fading.
Is your organization prepared?
www.bbc.com/news/article...
Excited to share our 2025 Trend Report, which explores key themes shaping the cybersecurity landscape, including the #cybercrime economy, the impact of #GenAI, nation-state threats, the #NIS2 Directive, and more!
Download the full report here: www.huntandhackett.com/2025-trend-r...
🚜 We've updated our Threat Landscape of the Agriculture sector 🌱
Find out about all our latest insights - including APTs, TTPs, recent developments, and a look behind-the-scenes - here ➡️ huntandhackett.com/threats/sect...
#CyberSecurity #Agriculture #ThreatIntel #ThreatLandscape
🚨Dutch universities are facing more cyberattacks than ever - but many still lack the security measures to stop them.
In an interview with @telegraaf.nl, our co-founder Ronald Prins stresses the need for a proactive cybersecurity approach.
Read the article here ➡️ www.telegraaf.nl/nieuws/29515...
Find out more about how different threat actors operate and the evolving threat landscape by visiting our member portal.
Become a member: www.huntandhackett.com/members/regi...
Direct (member) link: www.huntandhackett.com/_hcms/mem/lo...
7/7
While TU Eindhoven works on mitigating the incident, it’s worth asking: how do we ensure that institutions leading in innovation can continue to do so securely? Are we doing enough to protect the data and research that drive progress? Or how can we help, let us know!
6/7