LIVETHREAT INTELLIGENCE

NVD/NISTCVE-2025-29927 — Next.js Middleware Auth Bypass · All versions <15.2.3 affectedCRITICAL 9.1◆AlienVault OTXAPT29 (Cozy Bear) — Active Spear-Phishing Campaign Targeting NATO DiplomatsCRITICAL 9.3◆Recorded FutureCl0p Ransomware — MOVEit-style Campaign Targeting MFT Solutions GloballyCRITICAL 9.5◆Shodan22,000+ Redis Instances Exposed on Port 6379 — No Auth — Cryptominer RiskHIGH 8.9◆VirusTotalCVE-2025-21298 — Windows OLE Remote Code Execution · CISA KEV Catalog AddedCRITICAL 9.8◆Censys14,500+ Exposed Kubernetes API Servers Detected — Anonymous Access EnabledHIGH 8.7◆AlienVault OTXFIN7 Carbanak Group — New JavaScript Backdoor Targeting Retail POS SystemsHIGH 8.4◆NVD/NISTCVE-2025-24813 — Apache Tomcat RCE via Partial PUT · Exploit Code PublicCRITICAL 9.8◆Recorded FutureDark Web Auction: 2.1M U.S. Healthcare Records Listed · PII + Insurance DataHIGH 8.1◆VirusTotalLumma Stealer v4.1 — New Evasion Bypass for Windows Defender SmartScreenHIGH 8.6◆NVD/NISTCVE-2025-30065 — Apache Parquet RCE via Schema Parsing · CVSS Maximum ScoreCRITICAL 10.0◆Recorded FutureSalt Typhoon (China) — Telco Backdoors Persist in 3 U.S. Carriers Post-DisclosureCRITICAL 9.2◆VirusTotalDragonForce Ransomware — New Affiliate Program Attracting LockBit DefectorsHIGH 8.5◆ShodanCitrix NetScaler Bleed (CVE-2023-4966) — 4,800 Unpatched Hosts Still ExploitableCRITICAL 9.4◆CensysIvanti Connect Secure 0-Day Chain — Nation-State Actor Exploitation ConfirmedCRITICAL 9.0◆AlienVault OTXBEC Surge Q1 2026 — $3.1B in Wire Fraud · AI Voice Cloning in UseHIGH 7.9◆NVD/NISTCVE-2025-29927 — Next.js Middleware Auth Bypass · All versions <15.2.3 affectedCRITICAL 9.1◆AlienVault OTXAPT29 (Cozy Bear) — Active Spear-Phishing Campaign Targeting NATO DiplomatsCRITICAL 9.3◆Recorded FutureCl0p Ransomware — MOVEit-style Campaign Targeting MFT Solutions GloballyCRITICAL 9.5◆Shodan22,000+ Redis Instances Exposed on Port 6379 — No Auth — Cryptominer RiskHIGH 8.9◆VirusTotalCVE-2025-21298 — Windows OLE Remote Code Execution · CISA KEV Catalog AddedCRITICAL 9.8◆Censys14,500+ Exposed Kubernetes API Servers Detected — Anonymous Access EnabledHIGH 8.7◆AlienVault OTXFIN7 Carbanak Group — New JavaScript Backdoor Targeting Retail POS SystemsHIGH 8.4◆NVD/NISTCVE-2025-24813 — Apache Tomcat RCE via Partial PUT · Exploit Code PublicCRITICAL 9.8◆Recorded FutureDark Web Auction: 2.1M U.S. Healthcare Records Listed · PII + Insurance DataHIGH 8.1◆VirusTotalLumma Stealer v4.1 — New Evasion Bypass for Windows Defender SmartScreenHIGH 8.6◆NVD/NISTCVE-2025-30065 — Apache Parquet RCE via Schema Parsing · CVSS Maximum ScoreCRITICAL 10.0◆Recorded FutureSalt Typhoon (China) — Telco Backdoors Persist in 3 U.S. Carriers Post-DisclosureCRITICAL 9.2◆VirusTotalDragonForce Ransomware — New Affiliate Program Attracting LockBit DefectorsHIGH 8.5◆ShodanCitrix NetScaler Bleed (CVE-2023-4966) — 4,800 Unpatched Hosts Still ExploitableCRITICAL 9.4◆CensysIvanti Connect Secure 0-Day Chain — Nation-State Actor Exploitation ConfirmedCRITICAL 9.0◆AlienVault OTXBEC Surge Q1 2026 — $3.1B in Wire Fraud · AI Voice Cloning in UseHIGH 7.9◆

Security Intelligence

Cybersecurity Insights & News

Expert analysis, threat intelligence, and practical security guidance.

All Best Practices Incident Response Penetration Testing Security Awareness Threat Intelligence

Penetration Testing

Inside a Real SQL Injection Attack: How One Unvalidated Input Field Exposed 2.3 Million Records

A single unescaped query parameter in a legacy inventory API became the entry point for an attack that extract...

9 min read1,841 views

Penetration Testing

XSS in the Wild: How a Stored Cross-Site Script Hijacked Admin Sessions Across a Banking Portal

A stored XSS payload in a user-controlled comment field sat dormant for six weeks before it triggered â€” prec...

8 min read1,621 views

Penetration Testing

How We Cracked a Corporate Network in 4 Hours Using Only Kali Linux and OSINT

A full engagement narrative: starting with zero internal access, our team used open-source intelligence gather...

11 min read2,142 views

Penetration Testing

Linux Privilege Escalation Playbook: 7 Real-World Techniques We Use in Every Engagement

From SUID binaries to cron job hijacking, these are the seven privilege escalation techniques our red team use...

10 min read1,981 views

Penetration Testing

Web Application Bug Bounty Case Study: $25,000 Finding in an Airline Rewards API

A broken object-level authorization (BOLA) vulnerability in an airline loyalty API allowed any authenticated u...

8 min read2,312 views

Penetration Testing

Wireless Network Penetration: How We Compromised a WPA2-Enterprise Network at a Fortune 500

WPA2-Enterprise is widely considered secure. During a physical penetration test of a Fortune 500 headquarters,...

9 min read1,871 views