Netlas.io – Telegram
Netlas.io
1.99K subscribers
342 photos
3 videos
465 links
Explore the latest in cybersecurity with Netlas.io. Stay ahead with updates on high-profile vulnerabilities, expert tutorials, essential safety tips, and the latest Netlas developments.
Vibe-Coding Security Risks: When AI Ships Insecurity ⚠️

AI helps you ship code fast — and sometimes ships vulnerabilities faster.

In our latest article, learn how vibe-coding introduces issues like package hallucination, typosquatting, weak auth, and exposed configs, see real-world fallout, and get practical steps to secure AI-generated code.

👉 Read now: https://netlas.io/blog/vibe-coding-security-risks/
5👾2👏1
CVE-2025-57833: SQL Injection in Django, 7.1 rating❗️

A SQL injection flaw in affected Django versions lets attackers extract sensitive data from any web application that is still running an unpatched release.

Search at Netlas.io:
👉 Link: https://nt.ls/gu9dj
👉 Dork: tag.name:"django"

Read more: https://www.cve.org/CVERecord?id=CVE-2025-57833
👾41👍1
Mapping Dark Web Infrastructure 💀

In our latest article we break down the practical techniques investigators use to trace hidden services: clearnet resource leaks, header fingerprints, certificate reuse, and bulletproof-hosting overlaps.

Real examples and ethical do’s & don’ts included.

👉 Read now: https://netlas.io/blog/mapping_dark_web/
🔥5👻42
CVE-2025-8085: SSRF in Ditty WordPress plugin, 8.6 rating❗️

The vulnerability lets unauthenticated attackers make the server issue requests to arbitrary URLs (SSRF).

Search at Netlas.io:
👉 Link: https://nt.ls/HthP0
👉 Dork: http.body:"plugins/ditty-news-ticker"

Read more: https://wpscan.com/vulnerability/f42c37bb-1ae0-49ab-bd81-7864dff0fcff/
👾5👏1
CVE-2025-42944, -42922, -27500 and others: Multiple vulnerabilities in SAP NetWeaver, 3.1 - 10.0 rating 🔥🔥🔥

In its September patch day, SAP reported 21 vulnerabilities, including Path Traversal, Missing Authentication Check, Insecure File Operations, and an RCE rated at the maximum 10.0!

Search at Netlas.io:
👉 Link: https://nt.ls/wFC1w
👉 Dork: http.headers.server:"NetWeaver"

Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/september-2025.html
👾43
Bug Bounty + Recon Toolkit: Stop Hunting Blind 🧭

Still brute-forcing in the dark? Bring a map.

In our new article, we lay out a practical, start-to-finish recon flow - from passive OSINT to active probing - with copy-paste commands, tool picks, and workflow tips to turn noise into findings.

👉 Read now: https://netlas.io/blog/best_recon_tools_for_bug_bounty/
🔥4👍3👾2
CVE-2025-5821: Authentication Bypass in Case Theme for WordPress, 9.8 rating 🔥

The vulnerability allows an unauthenticated user to gain access to any account on the site, including the administrator account. Already exploited in the wild!

Search at Netlas.io:
👉 Link: https://nt.ls/Pcezp
👉 Dork: http.body:"plugins/case-theme-user"

Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/case-theme-user/case-theme-user-103-authentication-bypass-via-social-login
👾3
CVE-2025-59340: Sandbox Bypass in jinjava, 9.8 rating 🔥

A JavaType-Based Deserialization vulnerability has been discovered in the Jinjava engine used in HubSpot's CMS, allowing an attacker to escape the sandbox and access local server files.

Search at Netlas.io:
👉 Link: https://nt.ls/3atEg
👉 Dork: tag.name:"hubspot"

Vendor's advisory: https://github.com/HubSpot/jinjava/security/advisories/GHSA-m49c-g9wr-hv6v
🔥2👾1
🚧 Planned Maintenance 🚧
The Private Scanner will be unavailable for a period of time❗️

On Sunday, September 21, 2025, at 08:00 UTC, we will be servicing the Netlas Private Scanner. This may take all day, but our team will do everything possible to complete this task as quickly as possible.

Please remember to save your work before this time.
🔥2👾1
🚧 Planned Maintenance 🚧
The Private Scanner will be unavailable for a period of time❗️

We remind you that in a few minutes the planned Scanner servicing will begin. It is expected to take a full day, but we will do our best to complete it as quickly as possible.

Please remember to save your work before this time.
🕊1
CVE-2025-9079: Path Traversal in Mattermost, 8.0 rating❗️

A path traversal in affected Mattermost versions lets an attacker who can install a plugin execute arbitrary code on the server via a malicious plugin.

Search at Netlas.io:
👉 Link: https://nt.ls/gCXcr
👉 Dork: http.noscript:"mattermost"

Vendor's advisories: https://mattermost.com/security-updates/
👾31
CVE-2025-20352: Buffer Overflow in Cisco IOS XE, 7.7 rating❗️

A buffer overflow in the SNMP subsystem allows an authenticated attacker to cause a DoS or, with higher privileges, execute code as the root user. It's already being exploited!

Search at Netlas.io:
👉 Link: https://nt.ls/NQLA2
👉 Dork: certificate.issuer_dn:"IOS-Self-Signed-Certificate"

Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte
👾4
CVE-2025-20363: Buffer Overflow (again) in Cisco IOS (again), 9.0 rating 🔥

Another vulnerability has been discovered in Cisco products, including IOS. This time, an attacker can execute code without having high privileges!

Search at Netlas.io:
👉 Link: https://nt.ls/NQLA2
👉 Dork: certificate.issuer_dn:"IOS-Self-Signed-Certificate"

Vendor's advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O
👾4
CVE-2025-20371 and others: Multiple vulnerabilities in Splunk, 4.6 - 7.5 rating❗️

In a recent advisory, Splunk reported six vulnerabilities, including DoS, XXE, XSS, and Blind SSRF.

Search at Netlas.io:
👉 Link: https://nt.ls/H2fIr
👉 Dork: http.headers.set_cookie:"splunkweb_uid"

Vendor's advisory: https://advisory.splunk.com//advisories/SVD-2025-1006
👍3👾2
CVE-2021-43798: The reborn Path Traversal in Grafana, 7.5 rating❗️

Researchers at GreyNoise have observed a large-scale, coordinated campaign exploiting this relatively old vulnerability. It allows attackers to read arbitrary local files from the Grafana server, such as its configuration and database.

Search at Netlas.io:
👉 Link: https://nt.ls/5RrJ3
👉 Dork: http.favicon.hash_sha256:80a7f87a79169cf0ac1ed3250d7c509368190a97bc7182cd4705deb8f8c70174 AND http.noscript:"Grafana"

Read more: https://www.greynoise.io/blog/coordinated-grafana-exploitation-attempts
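Detection example, added here and not taken from the Netlas post or the GreyNoise write-up: CVE-2021-43798 is a path traversal through Grafana's /public/plugins/<plugin-id>/<asset> route, so a log-side check is to percent-decode the request path (including double encoding) and flag any asset path that climbs out of the plugin directory. The access-log lines, IPs and plugin IDs below are constructed for the example; the function names (`decode_path`, `is_plugin_traversal`, `scan_log`) are this example's own.

```python
"""Flag CVE-2021-43798-style traversal requests in Grafana access logs.

Added example; not code from Netlas, GreyNoise or Grafana. The log lines
are CONSTRUCTED, combined-log style, to exercise the decoder.
"""
import re
from urllib.parse import unquote

# Constructed sample traffic: three traversal attempts, two benign requests.
SAMPLE_LOG = """\
203.0.113.10 - - [08/Oct/2025:10:01:02 +0000] "GET /public/plugins/alertlist/../../../../../../etc/passwd HTTP/1.1" 200 1843
203.0.113.10 - - [08/Oct/2025:10:01:03 +0000] "GET /public/plugins/grafana-clock-panel/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/grafana/grafana.ini HTTP/1.1" 200 2211
203.0.113.11 - - [08/Oct/2025:10:01:04 +0000] "GET /public/plugins/welcome/..%252f..%252f..%252fvar/lib/grafana/grafana.db HTTP/1.1" 404 29
198.51.100.7 - - [08/Oct/2025:10:02:00 +0000] "GET /public/plugins/alertlist/module.js HTTP/1.1" 200 8814
198.51.100.7 - - [08/Oct/2025:10:02:01 +0000] "GET /api/health HTTP/1.1" 200 77
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
PLUGIN_ROUTE = "/public/plugins/"


def decode_path(raw: str, max_rounds: int = 3) -> str:
    """Drop the query string and percent-decode until the string is stable
    (bounded), so %2e%2e, %252e%252e and ..%252f collapse to '..' and '/'."""
    path = raw.split("?", 1)[0]
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def escapes_directory(relative: str) -> bool:
    """True if a relative path ever climbs above the directory it starts in."""
    depth = 0
    for segment in relative.split("/"):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def is_plugin_traversal(raw_path: str) -> bool:
    """CVE-2021-43798 shape: /public/plugins/<plugin-id>/<asset> where the
    decoded <asset> leaves the plugin's own directory."""
    path = decode_path(raw_path)
    if not path.startswith(PLUGIN_ROUTE):
        return False
    plugin_id, _, asset = path[len(PLUGIN_ROUTE):].partition("/")
    return bool(plugin_id) and escapes_directory(asset)


def scan_log(text: str) -> list:
    """One alert dict per matching request. A 200 on a traversal means the
    server most likely returned the file; non-200 is an attempt worth noting."""
    alerts = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_plugin_traversal(m["path"]):
            continue
        alerts.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "path": decode_path(m["path"]),
            "status": int(m["status"]),
            "likely_success": m["status"] == "200",
        })
    return alerts


if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

Run it against real Grafana or reverse-proxy access logs by feeding the file contents to `scan_log`; the bounded repeated decoding is what catches the encoded variants that a single `unquote` (or a naive `..` substring check on the raw line) misses.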
🔥2👾2
📌 Post-Quantum Now: from AES & RSA to ML-KEM Hybrids

A crisp, practical guide to navigating the quantum shift: how today’s crypto stack really works, what breaks with quantum, what survives (hello, AES-256), and how to roll in ML-KEM/Dilithium without breaking prod.

Highlights you’ll get in 10 minutes:
1️⃣ A little tour of the “digital trust” stack — AES modes, nonce pitfalls (GCM vs SIV), and why key-derivation details matter.
2️⃣ Quantum threat & HNDL explained: keep symmetric strong (AES-256), plan to replace public-key (RSA/ECDSA/curves).
3️⃣ What NIST is standardizing now: ML-KEM (Kyber) for key establishment and ML-DSA (Dilithium) for signatures — with libraries you can use today (liboqs/pyoqs).
4️⃣ Hands-on hybrid recipe: X25519 + ML-KEM, transcript-bound HKDF, and a minimal Python snippet to derive a shared session key.
5️⃣ Migration roadmap you can copy-paste: Shadow Mode → Hybrid Mode → Audit & Logging → Policy flags → Crypto agility best practices.

If you’re a security engineer, architect, or CISO planning 2025 rollouts, this is your field guide to ship PQC with confidence — not someday, but now.

👉 Read the full post: https://netlas.io/blog/post_quantum_cryptography/
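The hybrid recipe from point 4 above, as an added, stdlib-only example rather than the article's own snippet: both shared secrets are length-prefixed and fed as IKM into HKDF-SHA256, the HKDF salt is a hash of the handshake transcript (offered and selected groups plus every public value exchanged), and the label string is the HKDF info. The two 32-byte shared secrets, the key and ciphertext placeholders, the group names and the function names (`build_transcript`, `hybrid_session_key`) are constructed for this example; in a real handshake `ss_x25519` comes from an X25519 agreement and `ss_mlkem` from an ML-KEM-768 decapsulation (for instance via liboqs/pyoqs, as the article suggests).

```python
"""Hybrid X25519 + ML-KEM session-key derivation with a transcript-bound HKDF.

Added example for the Netlas post; not the article's own code. Standard
library only, so the raw shared secrets used below are CONSTRUCTED stand-ins
for the outputs of X25519 and ML-KEM-768.
"""
from __future__ import annotations

import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-SHA256(salt, IKM)."""
    return hmac.new(salt or b"\x00" * HASH_LEN, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i)."""
    if not 0 < length <= 255 * HASH_LEN:
        raise ValueError("HKDF output length out of range")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def _lv(field: bytes) -> bytes:
    """2-byte big-endian length prefix so concatenations are unambiguous."""
    if len(field) > 0xFFFF:
        raise ValueError("field too long for 2-byte length prefix")
    return len(field).to_bytes(2, "big") + field


def build_transcript(offered_groups: list[bytes], selected_group: bytes,
                     x25519_pk_client: bytes, x25519_pk_server: bytes,
                     mlkem_pk: bytes, mlkem_ct: bytes) -> bytes:
    """Everything a man-in-the-middle could tamper with goes in here: the
    groups offered and selected (downgrade protection) and every public
    value exchanged (binds the key to this particular handshake)."""
    fields = [b",".join(offered_groups), selected_group,
              x25519_pk_client, x25519_pk_server, mlkem_pk, mlkem_ct]
    return b"".join(_lv(f) for f in fields)


def hybrid_session_key(ss_x25519: bytes, ss_mlkem: bytes, transcript: bytes,
                       label: bytes = b"example-hybrid-x25519-mlkem768-v1",
                       length: int = 32) -> bytes:
    """One session key from both secrets: an attacker has to break BOTH
    X25519 and ML-KEM, and any change to the transcript changes the key."""
    if len(ss_x25519) != 32 or len(ss_mlkem) != 32:
        raise ValueError("expected 32-byte shared secrets")
    if ss_x25519 == bytes(32):
        # RFC 7748 6.1: an all-zero X25519 output means the peer sent a
        # low-order point. Abort instead of deriving a key from it.
        raise ValueError("X25519 produced an all-zero shared secret")
    ikm = _lv(ss_x25519) + _lv(ss_mlkem)  # fixed order, length-prefixed
    salt = HASH(transcript).digest()      # transcript binding
    return hkdf(salt, ikm, label, length)


if __name__ == "__main__":
    # Constructed stand-ins for the handshake values (not real keys).
    ss_x, ss_k = bytes(range(1, 33)), bytes(range(101, 133))
    offered = [b"x25519", b"x25519mlkem768"]
    t_hybrid = build_transcript(offered, b"x25519mlkem768", b"cpk", b"spk", b"kpk", b"kct")
    t_downgrade = build_transcript(offered, b"x25519", b"cpk", b"spk", b"", b"")
    print(hybrid_session_key(ss_x, ss_k, t_hybrid).hex())
    # A peer that saw a different selected group derives a different key,
    # so a downgraded handshake fails at the first encrypted record.
    print(hybrid_session_key(ss_x, ss_k, t_hybrid) != hybrid_session_key(ss_x, ss_k, t_downgrade))
```

To move this into a real handshake, replace the two constructed secrets with the X25519 shared secret and the ML-KEM decapsulation output and put the genuine public keys and KEM ciphertext into `build_transcript`; keep the length prefixes, the fixed secret order and a versioned label, since those are what make the combiner unambiguous and let you rotate the scheme later.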
👍8👾43
CVE-2025-49844, -46817, -46818, -46819: Multiple vulnerabilities in Redis, 6.0 - 10.0 rating 🔥🔥🔥

Four recently disclosed vulnerabilities in Redis include Use After Free, Code Injection, and Integer Overflow bugs. All Redis versions with Lua scripting enabled are affected.

Search at Netlas.io:
👉 Link: https://nt.ls/gZwyS
👉 Dork: redis.memory_info.used_memory_lua:>0

Vendor's advisory: https://github.com/redis/redis/security/advisories/GHSA-4789-qfc9-5f9q
🔥4👾3
CVE-2025-25017, -25018, and others: Multiple vulnerabilities in Kibana, 5.3 - 8.7 rating❗️

In their latest updates, Elastic disclosed several XSS vulnerabilities targeting Kibana.

Search at Netlas.io:
👉 Link: https://nt.ls/0Jsfv
👉 Dork: http.unknown_headers.key:"kbn_name"

Vendor's advisories: https://discuss.elastic.co/c/announcements/security-announcements/31
👾3👏1
CVE-2025-11340, CVE-2025-10004, and others: Multiple vulnerabilities in GitLab, 4.3 - 7.7 rating❗️

In a recent bulletin, GitLab reported four vulnerabilities, including Missing Authorization, DoS, and Incorrect Authorization.

Search at Netlas.io:
👉 Link: https://nt.ls/vHRRQ
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"

Vendor's advisory: https://about.gitlab.com/releases/2025/10/08/patch-release-gitlab-18-4-2-released/
2👾2
🔍 3 Million Databases Later: Mapping Internet Exposure with Netlas

A data-driven investigation of 3.2 million internet-facing databases — MySQL, MongoDB, PostgreSQL, MSSQL, Oracle, and Elasticsearch — revealing how exposed they really are, which controls fail most often, and where the global weak spots hide.

What you’ll learn in 20 minutes:
🧩 How Netlas scans were used to get millions of database banners and metadata worldwide.
⚙️ The pipeline behind the study — from raw banners to per-service risk scoring and global aggregation.
📊 Who’s most exposed: MySQL leads with 2.53 M instances, MongoDB still leaks metadata, PostgreSQL flunks TLS at scale.
🪜 Practical remediation steps — per-service hardening tips and global trends that shape today’s attack surface.

For security engineers, analysts, and anyone mapping the exposed-data landscape — this is a rare, quantified look at how misconfiguration still fuels risk in 2025, written by a cool researcher in collaboration with Netlas.

👉 Read the full research: https://netlas.io/blog/exposed_databases/
4👾4
CVE-2025-42944, -42937, -42910, and others: Multiple vulnerabilities in SAP NetWeaver, 5.3 - 10.0 rating 🔥🔥🔥

In its October bulletin, SAP published a list of 13 new vulnerabilities affecting NetWeaver, NetWeaver AS Java, and other products. These vulnerabilities include Insecure Deserialization, Information Disclosure, etc.

Search at Netlas.io:
👉 Link: https://nt.ls/aBHGg
👉 Dork: http.headers.server:"NetWeaver"

Vendor's advisory: https://support.sap.com/en/my-support/knowledge-base/security-notes-news/october-2025.html
🔥2👾2👍1