July 16, 2024 (rumored) Validation Status: Unconfirmed but reported by two independent researchers
A curated list of the most anticipated and mainstream titles released that week (typically from major publishers like Marvel, DC, Image, and IDW).
Amazing Spider-Man #54, Blood Hunt #5 (conclusion of a major event), and Incredible Hulk #14. 0-day and Hitlist Week -07-17-2024- Report Torr...
Batman #150, Green Lantern #13, and Superman #16. Image Comics: #12 and Spawn #355.
The Hitlist is updated weekly, often hours before major ransomware waves. July 16, 2024 (rumored) Validation Status: Unconfirmed but
High-priority patches included CVE-2024-38074 and CVE-2024-38076 , which affected Windows Remote Desktop Licensing Services and had perfect CVSS scores of 9.8 .
A cyber-espionage group tracked as APT-Q-43 (likely state-sponsored) injected the exploit into popular news portals in Southeast Asia. Victims redirect to a second-stage payload delivery server hosting the Cobalt Strike Beacon. Image Comics: #12 and Spawn #355
The week of July 17, 2024, is a stark reminder that 0-day vulnerabilities and prioritized target lists are no longer the exclusive domain of nation-state actors. Commoditized exploits and transparent Hitlists on criminal forums have democratized sophisticated attacks, putting every midsize and enterprise organization at risk.
The report notes that the Hitlist is actively used by ransomware cartels (LockBit 3.0 affiliates, BlackCat/ALPHV remnants, and a new group called "Stanley Ransomware") to coordinate attacks without double-paying for access.