Recent AD News Archives - Windows Active Directory

Legacy D-Link DSL Routers Exploited via Unauthenticated DNS Hijacking (CVE-2026-0625)

January 12, 2026

LA critical command-injection flaw in legacy (end-of-life) D-Link DSL gateway routers is being actively exploited to achieve unauthenticated remote code execution (RCE) and silent DNS setting changes (DNS hijacking). What happened (and why it matters) The bug is tracked as CVE-2026-0625 (CVSS 9.3) and sits in the router CGI endpoint dnscfg.cgi, where DNS configuration parameters aren’t properly…

Recent AD News Recent Posts Top Read Articles

Google patches Chrome zero-day CVE-2025-10585 — active V8 exploit; update now

September 23, 2025

Google patches Chrome zero‑day CVE‑2025‑10585 — active V8 exploit; update now Critical zero‑day Google patches Chrome zero‑day CVE‑2025‑10585 — active V8 exploit; update now Published: September 19, 2025 • Last updated: September 23…

Active Directory Fundamentals Active Directory Policies Recent AD News Top Read Articles

DNS delegation architectures for multi-forest environments

September 5, 2025

Architecture • DNS • Active Directory If you run more than one Active Directory forest, DNS is the fabric that lets users, apps, and domain controllers in one forest reliably find resources in another. The right DNS delegation architecture makes cross-forest name resolution fast, secure, and predictable—even in hybrid cloud. Guide + Comparison Updated: 5 Sep 2025 Reading time: ~16–18…

Recent AD News Recent Posts Top Read Articles

FIDO Downgrade Attack Hits Microsoft Entra ID

September 2, 2025

Researchers show how spoofing unsupported browsers can force users off passkeys, exposing Entra ID accounts to phishing and session hijack. Who/What/When: On August 13, 2025, security researchers detailed a FIDO downgrade attack against Microsoft Entra ID that manipulates login flows to sidestep passkeys. Where/Why: By spoofing an unsupported browser, attackers trigger an error that removes…

Hand-picked Resources Recent AD News Recent Posts

Storm-0501 Exploits Microsoft Entra ID to Wipe and Ransom Azure Data

September 1, 2025

In August 2025, Microsoft warned that Storm-0501, a financially motivated ransomware group, is abusing Microsoft Entra ID and hybrid Active Directory synchronization accounts to seize control of entire cloud environments. Victims reported that attackers exfiltrated Azure data, deleted backups, and issued ransom demands over Microsoft Teams. For IT admins and security engineers, this marks a…

Recent AD News

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

May 2, 2022

According to researchers, the China-backed APT named Naikon (also known as ‘Override Panda’) has shown up again. The group masterminded a recent phishing campaign that was carried out to steal confidential information assets. Also known as Hellsing, and Bronze Geneva, Naikon is a known nation-state actor that has been working on behalf of China since 2005. The group was first…

Recent AD News

Bumblebee: A new malware loader on the prowl

April 28, 2022

A latest report by Proofpoint has uncovered that attackers are using a new malware loader named Bumblebee. These threat actors were previously known for delivering BazaLoader and IcedID loaders. According to the write-up, Bumblebee, a sophisticated malware loader, has been active in the cyberspace since March 2022, post the absence of BazaLoader. It must be noted that Bumblebee is capable of…

Recent AD News

FBI issues alert: A lethal ransomware that breached 60 companies

April 25, 2022

The FBI has issued a warning on the lethal Blackcat/ALPHV ransomware as a service (RaaS), which is currently on prowl. The malware family was responsible for compromising accounts spanning over sixty organizations, with attacks spanning from November 2021 till March this year. In their flash report, the FBI detailed the indicators of compromise (IOC) and tactics, techniques and procedures…

Recent AD News

Israel's Pegasus spyware finds a new target

April 13, 2022

A new report from Reuters suggests that EU officials were allegedly targeted by the NSO group’s Pegasus spyware. The report stated that atleast five individuals were spied upon by unknown entities using the infamous malware. In addition to two unnamed EU officials, the list of victims also include Didier Reynders,a senior Belgian official who has served as the European Justice…

Recent AD News

Researchers warn of two info-stealers on the prowl targeting users

April 12, 2022

With data breaches and information stealing becoming a prevalent sight in cyberspace, researchers have now warned the looming presence of two info-stealers, namely FFDroider and Lightning Stealer, which are capable of stealing sensitive information while launching further attacks. An official statement released by ZScaler based cybersecurity researchers Avinash Kumar and Niraj Shivtarkar…

Recent AD News

Legacy D-Link DSL Routers Exploited via Unauthenticated DNS Hijacking (CVE-2026-0625)

Google patches Chrome zero-day CVE-2025-10585 — active V8 exploit; update now

DNS delegation architectures for multi-forest environments

FIDO Downgrade Attack Hits Microsoft Entra ID

Storm-0501 Exploits Microsoft Entra ID to Wipe and Ransom Azure Data

Chinese hacker group 'Naikon' strikes again: Targets ASEAN nations

Bumblebee: A new malware loader on the prowl

FBI issues alert: A lethal ransomware that breached 60 companies

Israel's Pegasus spyware finds a new target

Researchers warn of two info-stealers on the prowl targeting users

Featured Posts

What is Azure Data Factory (ADF)?

How to demote a Domain Controller: A step-by-step guide

Healthcare data Breaches down almost 50 percent in the first month of 2021

Popular with Readers

Active Directory Users and Computers (ADUC) - An introduction and installation guide

Active Directory Sites

Active Directory Password Policy

Recently Added

Legacy D-Link DSL Routers Exploited via Unauthenticated DNS Hijacking (CVE-2026-0625)

Migrating from AD FS to Azure AD SSO

Role-based access control (RBAC) in Azure