CVE-2025-7443: Unrestricted Upload of File with Dangerous Type in BerqWP Plugin, 8.1 rating❗️
Lack of file validation allows attackers to upload arbitrary files, which can lead to RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/puxoz
👉 Dork: http.body:"plugins/searchpro"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/searchpro/berqwp-2242-unauthenticated-arbitrary-file-upload
Hannibal Stealer Part 2: Unmasking the Modular Threat 🔓
Explore Hannibal’s evolution into a modular stealer — complete with browser cookie bypasses, Telegram & HTTP C2 channels, FTP/VPN/crypto theft modules, and clipboard hijacking — and learn how to detect and disrupt its operations.
👉 Read now: https://netlas.io/blog/hannibal_stealer_part_2/
netlas.io
Hannibal Stealer: A Deep Technical Analysis - Netlas Blog
In-depth analysis of Hannibal Stealer’s evolution, attack chain, credential theft, and data exfiltration techniques based on leaked code.
🚧 Planned Maintenance 🚧
The application may be unavailable for a period of time❗️
On Sunday, August 3, 2025, at 08:00 UTC ⏰, we will be servicing the Netlas load balancer. If problems arise, the application may be unavailable for a couple of hours. Our team will do everything possible to prevent this.
Please remember to save your work before this time.
The $1.5 B Bybit Hack & How OSINT Cracked the Case 🔍
On February 21, 2025, the Lazarus Group tricked a Safe{Wallet} developer into approving malicious multisig transactions — netting over $1.4 billion from Bybit’s cold wallet — and covered their tracks with targeted JavaScript injection.
In our latest article, see how open-source sleuthing linked the heist to North Korea’s premier APT and learn the OSINT techniques that unraveled this record-breaking crypto theft.
👉 Read now: https://netlas.io/blog/bybit_hack
netlas.io
The $1.5B Bybit Hack & How OSINT Led to Its Attribution - Netlas Blog
Insights on the record-breaking Lazarus heist: how social engineering, AWS token hijacking, and Safe{Wallet} code injection enabled the Bybit hack.
CVE-2025-53786: Elevation of Privilege in Microsoft Exchange, 8.0 rating❗️
A vulnerability in Microsoft Exchange hybrid configurations could allow an attacker with high local privileges to escalate those privileges into an organization's cloud infrastructure.
Search at Netlas.io:
👉 Link: https://nt.ls/GBh5M
👉 Dork: tag.name:"microsoft_exchange"
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53786
CVE-2025-50055: SAML Injection in OpenVPN Access Server, high rating❗️
The vulnerability allows an attacker to perform JavaScript injection via the SAML RelayState parameter, potentially leading to RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/uLSQx
👉 Dork: http.headers.server:"OpenVPN-AS"
Vendor's advisory: https://ssg-dev.openvpn.net/as-docs/as-3-0-release-notes.html#access-server-3-0-versions
I, Robot + NIST AI RMF: Prevent the Great Robot Uprising 🤖
Thinking your toaster couldn’t lead an army? Think again.
In our latest article, we use classic scenes from I, Robot to break down the NIST AI Risk Management Framework’s four pillars — Map, Measure, Manage, Govern — so you can keep your AIs on task (and off the march).
👉 Read now: https://netlas.io/blog/nist_ai_rmf/
netlas.io
I, Robot + NIST AI RMF = Complete Guide on Preventing Robot Rebellion - Netlas Blog
A funny way to learn NIST AI Risk Management Framework through classic movie examples. Discover AI safety concepts via I, Robot's memorable scenes and real cases.
CVE-2025-54253 and CVE-2025-54254: Arbitrary code execution in Adobe Experience Manager CMS
Adobe is aware that CVE-2025-54253 and CVE-2025-54254 have a publicly available proof-of-concept. Adobe is not aware of these issues being exploited in the wild.
Search at Netlas.io:
👉 Link: https://nt.ls/MngFC
👉 Dork: tag.name:"adobe_experience_manager"
Vendor's advisory: https://helpx.adobe.com/security/products/aem-forms/apsb25-82.html
👨💻 Want to level up your bug bounty skills? Check out these top-rated courses for 2025! From beginners to experts, there's something for everyone.
👉 Read now: https://netlas.io/blog/best_bug_boounty_courses/
netlas.io
Bug Bounty 101: The Best Courses to Get Started in 2025 - Netlas Blog
Explore the best bug bounty courses to kickstart or boost your security career. Picks for every skill level, learning style, and budget.
CVE-2025-7384: Critical PHP Object Injection in WordPress Plugin
A critical vulnerability has been found in the Database for Contact Form 7, WPForms, and Elementor forms WordPress plugin. Since this is a backend-only plugin, it is not directly detectable through standard search dorks. Supported frontend plugins could help determine the scope. However, only about 1% of hosts identified this way are actually vulnerable.
🔍 Netlas: https://nt.ls/Be3g6
ℹ️ Advisory: https://nt.ls/RoI8t
CVE-2025-27210 – High Severity Path Traversal in Node.js (Windows)
One of our Netlas users identified a serious flaw in Windows builds of Node.js and asked us to inform the community. Any web app running Node.js 20.x before 20.19.4, 22.x before 22.17.1, or 24.x before 24.4.1 on Windows may be at risk of unauthorized file access through path traversal.
⚡️ Update immediately
ℹ️ Advisory: https://nt.ls/YX7xc
CVE-2025-20265 — Critical RCE in Cisco Secure Firewall Management Center (CVSS 10).
Exploitable by unauthenticated attackers when RADIUS authentication is enabled; affects FMC 7.0.7 & 7.7.0. We see <200 internet-exposed on-prem FMCs (cloud-hosted cdFMC excluded).
🔍 Netlas: https://nt.ls/E5j8D
ℹ️ Advisory: https://nt.ls/C3hPx
Meet Kanvas — an open-source incident response tool that turns chaos into clarity with built-in visualizations, intel lookups, and teamwork-friendly features.
This post, written by an experienced security analyst for fellow security analysts, breaks down how Kanvas can supercharge your IR workflow.
👉 Read the post: https://netlas.io/blog/kanvas/
netlas.io
From Chaos to Control: Kanvas Incident Management Tool - Netlas Blog
Kanvas: Open-source DFIR case management that streamlines incident response, turning Spreadsheet of Doom chaos into organized, efficient investigations.
🚀 Netlas v1.3.0 is live!
This update doubles the number of scanned ports, adds protocol detection to public scans, boosts vulnerability coverage, and makes downloads lightning-fast.
Explore what’s new 👉 https://docs.netlas.io/changelog/#netlas-v1-3-0
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
⚠️ Today, 2025-08-22, starting from 04:30 UTC, we began experiencing a major service outage.
The issue has been localized to a problem within our database cluster. Our engineering team is actively working to resolve the issue and restore full service as quickly as possible. We will continue to provide updates as we make progress.
CVE-2025-26496 and others: Multiple vulnerabilities in Tableau Server, 7.7 - 9.6 rating 🔥
Five new vulnerabilities in Tableau Server include Type Confusion, Path Traversal, Dangerous File Uploads and Improper Input Validation.
Search at Netlas.io:
👉 Link: https://nt.ls/gsuQl
👉 Dork: http.headers.server:"Tableau"
Read more: https://help.salesforce.com/s/articleView?id=005132575&type=1
CVE-2025-57819: Authentication Bypass in FreePBX Administrator, 10.0 rating 🔥🔥🔥
A critical zero-day vulnerability in FreePBX could allow an attacker to perform SQL injection and RCE. Exploitation has already been observed in the wild!
Search at Netlas.io:
👉 Link: https://nt.ls/ebwk9
👉 Dork: http.favicon.hash_sha256:dfc3cc989bec09d968e978cde336709c655fa85469fd482ac10e17942da80be9
Vendor's advisory: https://github.com/FreePBX/security-reporting/security/advisories/GHSA-m42g-xg4c-5f3h
Vibe-Coding Security Risks: When AI Ships Insecurity ⚠️
AI helps you ship code fast — and sometimes ships vulnerabilities faster.
In our latest article, learn how vibe-coding introduces issues like package hallucination, typosquatting, weak auth, and exposed configs, see real-world fallout, and get practical steps to secure AI-generated code.
👉 Read now: https://netlas.io/blog/vibe-coding-security-risks/
netlas.io
Top Vibe-Coding Security Risks - Netlas Blog
Why can vibe-coding with AI cause costly breaches that developers may miss? Let's find out!
CVE-2025-57833: SQL Injection in Django, 7.1 rating❗️
A vulnerability in some versions of the Django framework allows attackers to access sensitive data if a web application uses insecure versions.
Search at Netlas.io:
👉 Link: https://nt.ls/gu9dj
👉 Dork: tag.name:"django"
Read more: https://www.cve.org/CVERecord?id=CVE-2025-57833
Mapping Dark Web Infrastructure 💀
In our latest article we break down practical techniques investigators use to trace hidden services — clearnet resource leaks, header fingerprints, certificate reuse, and bulletproof hosting overlaps.
Real examples and ethical do’s & don’ts included.
👉 Read now: https://netlas.io/blog/mapping_dark_web/
netlas.io
Mapping Dark Web Infrastructure - Netlas Blog
Explore how investigators trace dark web infrastructure through clues and errors that exposed AlphaBay, Hansa, and other hidden services.
CVE-2025-8085: SSRF in Ditty WordPress plugin, 8.6 rating❗️
The vulnerability allows attackers without authentication to make requests to arbitrary URLs.
Search at Netlas.io:
👉 Link: https://nt.ls/HthP0
👉 Dork: http.body:"plugins/ditty-news-ticker"
Read more: https://wpscan.com/vulnerability/f42c37bb-1ae0-49ab-bd81-7864dff0fcff/