LIVETHREAT INTELLIGENCE
NVD/NISTCVE-2025-29927 β€” Next.js Middleware Auth Bypass Β· All versions <15.2.3 affectedCRITICAL 9.1β—†AlienVault OTXAPT29 (Cozy Bear) β€” Active Spear-Phishing Campaign Targeting NATO DiplomatsCRITICAL 9.3β—†Recorded FutureCl0p Ransomware β€” MOVEit-style Campaign Targeting MFT Solutions GloballyCRITICAL 9.5β—†Shodan22,000+ Redis Instances Exposed on Port 6379 β€” No Auth β€” Cryptominer RiskHIGH 8.9β—†VirusTotalCVE-2025-21298 β€” Windows OLE Remote Code Execution Β· CISA KEV Catalog AddedCRITICAL 9.8β—†Censys14,500+ Exposed Kubernetes API Servers Detected β€” Anonymous Access EnabledHIGH 8.7β—†AlienVault OTXFIN7 Carbanak Group β€” New JavaScript Backdoor Targeting Retail POS SystemsHIGH 8.4β—†NVD/NISTCVE-2025-24813 β€” Apache Tomcat RCE via Partial PUT Β· Exploit Code PublicCRITICAL 9.8β—†Recorded FutureDark Web Auction: 2.1M U.S. Healthcare Records Listed Β· PII + Insurance DataHIGH 8.1β—†VirusTotalLumma Stealer v4.1 β€” New Evasion Bypass for Windows Defender SmartScreenHIGH 8.6β—†NVD/NISTCVE-2025-30065 β€” Apache Parquet RCE via Schema Parsing Β· CVSS Maximum ScoreCRITICAL 10.0β—†Recorded FutureSalt Typhoon (China) β€” Telco Backdoors Persist in 3 U.S. Carriers Post-DisclosureCRITICAL 9.2β—†VirusTotalDragonForce Ransomware β€” New Affiliate Program Attracting LockBit DefectorsHIGH 8.5β—†ShodanCitrix NetScaler Bleed (CVE-2023-4966) β€” 4,800 Unpatched Hosts Still ExploitableCRITICAL 9.4β—†CensysIvanti Connect Secure 0-Day Chain β€” Nation-State Actor Exploitation ConfirmedCRITICAL 9.0β—†AlienVault OTXBEC Surge Q1 2026 β€” $3.1B in Wire Fraud Β· AI Voice Cloning in UseHIGH 7.9β—†NVD/NISTCVE-2025-29927 β€” Next.js Middleware Auth Bypass Β· All versions <15.2.3 affectedCRITICAL 9.1β—†AlienVault OTXAPT29 (Cozy Bear) β€” Active Spear-Phishing Campaign Targeting NATO DiplomatsCRITICAL 9.3β—†Recorded FutureCl0p Ransomware β€” MOVEit-style Campaign Targeting MFT Solutions GloballyCRITICAL 9.5β—†Shodan22,000+ Redis Instances Exposed on Port 6379 β€” No Auth β€” Cryptominer RiskHIGH 8.9β—†VirusTotalCVE-2025-21298 β€” Windows OLE Remote Code Execution Β· CISA KEV Catalog AddedCRITICAL 9.8β—†Censys14,500+ Exposed Kubernetes API Servers Detected β€” Anonymous Access EnabledHIGH 8.7β—†AlienVault OTXFIN7 Carbanak Group β€” New JavaScript Backdoor Targeting Retail POS SystemsHIGH 8.4β—†NVD/NISTCVE-2025-24813 β€” Apache Tomcat RCE via Partial PUT Β· Exploit Code PublicCRITICAL 9.8β—†Recorded FutureDark Web Auction: 2.1M U.S. Healthcare Records Listed Β· PII + Insurance DataHIGH 8.1β—†VirusTotalLumma Stealer v4.1 β€” New Evasion Bypass for Windows Defender SmartScreenHIGH 8.6β—†NVD/NISTCVE-2025-30065 β€” Apache Parquet RCE via Schema Parsing Β· CVSS Maximum ScoreCRITICAL 10.0β—†Recorded FutureSalt Typhoon (China) β€” Telco Backdoors Persist in 3 U.S. Carriers Post-DisclosureCRITICAL 9.2β—†VirusTotalDragonForce Ransomware β€” New Affiliate Program Attracting LockBit DefectorsHIGH 8.5β—†ShodanCitrix NetScaler Bleed (CVE-2023-4966) β€” 4,800 Unpatched Hosts Still ExploitableCRITICAL 9.4β—†CensysIvanti Connect Secure 0-Day Chain β€” Nation-State Actor Exploitation ConfirmedCRITICAL 9.0β—†AlienVault OTXBEC Surge Q1 2026 β€” $3.1B in Wire Fraud Β· AI Voice Cloning in UseHIGH 7.9β—†
Free Pilot Program

30-Day Free Security Pilot

Experience HorizonShield with a risk-free 30-day pilot. Full assessment, platform access, and expert support β€” completely free.

What's Included

πŸ”
Initial Security Assessment

Comprehensive review of your current security posture.

πŸ›‘οΈ
Full Platform Access

Complete access to all tools, intel, and academy for 30 days.

πŸ“Š
Threat Intelligence Reports

Weekly reports tailored to your industry.

πŸ‘¨β€πŸ’Ό
Dedicated Security Advisor

Direct access to a senior consultant.

πŸ“‹
Security Roadmap

Customized 90-day improvement plan at no charge.

🚫
No Commitment

No credit card, no auto-renewal, no obligation.

⏰
Limited Spots Available

We accept a maximum of 10 new pilot participants per month to ensure quality.

Apply for the Pilot

We'll contact you within 1 business day.