We’ve just shipped Netlas Python SDK v0.8.0 🐍✨
This update brings more reliable downloads, refreshed stats handling, and broader SDK coverage — including new Discovery/Mapping methods, improved Scanner and Datastore tools, and a couple of nice usability touches in both profiles and the CLI.
👉 Check full changelog here: https://docs.netlas.io/changelog/
CVE-2025-11699: Insufficient Session Expiration in nopCommerce, 7.1 rating❗️
Because some versions of nopCommerce do not clear cookies, an attacker who gains access to someone else's cookie can use it to hijack a session or escalate privileges.
Search at Netlas.io:
👉 Link: https://nt.ls/6rFG4
👉 Dork: http.meta:"nopCommerce"
Read more: https://seclists.org/fulldisclosure/2025/Aug/14
CVE-2025-55182: RCE in React Server Components, 10.0 rating 🔥🔥🔥
The code of vulnerable components insecurely deserializes HTTP requests, which could allow an attacker to perform RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/lg3gz
👉 Dork: tag.name:"react"
Vendor's advisory: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
CVE-2025-66399: Command Injection in Cacti, 7.4 rating❗️
A vulnerability in the SNMP component of Cacti could allow an authenticated attacker to perform RCE.
Search at Netlas.io:
👉 Link: https://nt.ls/VJyxC
👉 Dork: http.noscript:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Vendor's advisory: https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
📌 The Evolution of C2: Centralized to On-Chain
We map how C2 moved from IRC and web panels to DGAs, P2P, fast-flux, abuse of legit cloud platforms, and now smart-contract C2 on public blockchains — with concrete detection playbooks.
What’s inside:
1. The lineage: IRC → HTTP/HTTPS → DGA & P2P → fast-flux → cloud/“legit” platforms → blockchain contracts.
2. Why on-chain C2 matters: immutable contracts, pseudonymous wallets, and payload retrieval over public RPC.
3. Trade-offs: resilience vs latency, and how transparency enables forensics even as takedowns get harder.
4. Practical detection: block JSON-RPC egress to public providers, use TLS/JARM and beacon-timing patterns, and watch for DNS tunneling.
👉 Read now: https://netlas.io/blog/evolution_of_c2_infrastructure/
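The detection angle in item 4 (beacon-timing patterns combined with JSON-RPC egress to public providers), as an added example that is not part of the Netlas article or this post: it parses constructed proxy log lines for JSON-RPC 2.0 POSTs and flags source/destination pairs that poll a non-allowlisted RPC host on a clock-like interval. The log format, the host names `mainnet.rpc.example` and `rpc.internal.example`, and the jitter threshold `max_cv` are assumptions.

```python
import json
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed proxy-log format: "<ISO time> <src ip> <dst host> <POST body>".
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (.*)$")
ALLOWED_RPC_HOSTS = {"rpc.internal.example"}  # hypothetical allowlist


def parse_line(line):
    """Return (time, src, dst, method) for JSON-RPC 2.0 POSTs, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, src, dst, body = m.groups()
    try:
        payload = json.loads(body)
    except ValueError:
        return None
    if payload.get("jsonrpc") != "2.0" or "method" not in payload:
        return None
    return datetime.fromisoformat(ts), src, dst, payload["method"]


def find_beacons(lines, min_calls=4, max_cv=0.2):
    """Map (src, dst) -> mean gap in seconds for hosts outside the allowlist
    whose call gaps are clock-like (stdev/mean <= max_cv): beacon timing."""
    calls = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec and rec[2] not in ALLOWED_RPC_HOSTS:
            calls[(rec[1], rec[2])].append(rec[0])
    alerts = {}
    for pair, times in calls.items():
        if len(times) < min_calls:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean > 0 and statistics.pstdev(gaps) / mean <= max_cv:
            alerts[pair] = round(mean, 1)
    return alerts


# Constructed sample: 10.0.0.5 polls a public provider every ~60 s with
# eth_call (a real Ethereum JSON-RPC method); 10.0.0.9 fires irregularly.
RPC = '{"jsonrpc":"2.0","method":"eth_call","id":1}'
SAMPLE_LOG = [f"2025-12-10T09:{m:02d}:{s:02d} 10.0.0.5 mainnet.rpc.example {RPC}"
              for m, s in ((0, 0), (1, 1), (2, 0), (3, 1), (4, 0))]
SAMPLE_LOG += [f"2025-12-10T09:{m:02d}:{s:02d} 10.0.0.9 mainnet.rpc.example {RPC}"
               for m, s in ((0, 0), (0, 5), (3, 40), (4, 0))]
```

On real traffic the allowlist and the jitter threshold need tuning per environment; legitimate wallet or node software also polls providers, so treat a hit as a lead for the TLS/JARM and DNS checks the article lists, not as a verdict.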
CVE-2025-14265: Download of Code Without Integrity Check in ScreenConnect, 9.1 rating 🔥
A server-side vulnerability could allow an authenticated attacker to execute custom code or access configuration data.
Search at Netlas.io:
👉 Link: https://nt.ls/1JSOa
👉 Dork: http.headers.server:"ScreenConnect"
Vendor's advisory: https://www.connectwise.com/company/trust/security-bulletins/screenconnect-2025.8-security-patch
CVE-2025-14733: Out-of-bounds Write in WatchGuard, 9.1 rating 🔥
A vulnerability in Fireware OS allows a remote unauthenticated user to execute arbitrary code.
Search at Netlas.io:
👉 Link: https://nt.ls/jooF2
👉 Dork: http.favicon.hash_sha256:9560bc07784890efa36dc4636b6d5f091059914bb5cb8941d00c5b47646efb8c
Read more: https://github.com/advisories/GHSA-hv82-jj64-jf47
CVE-2025-68385: Cross-site Scripting in Kibana, 7.2 rating❗️
A vulnerability in the Vega renderer could allow an authenticated attacker to perform XSS injection.
Search at Netlas.io:
👉 Link: https://nt.ls/XGTPX
👉 Dork: http.unknown_headers.key:"kbn_name"
Vendor's advisory: https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182
🎄🎅🏼❄️ Netlas v1.5.1
We introduce Daily Internet Scan Data Snapshots — time-bounded datasets containing all scan results collected within a 24-hour period.
Plus:
🏷️ improved technology tags
💭 visual mapping hints
👉 Check full changelog here: https://docs.netlas.io/changelog/
❗️Technical Issue Alert❗️
Due to issues with the database cluster, Netlas is temporarily suspended while the affected nodes are rebooted.
Our team is working hard to resolve the issue as quickly as possible.
👉 You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience 🙏
📌 Software Supply Chain Attacks — how trust breaks, and how to fix it
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code — as in the CCleaner incident. This explainer maps where trust fails and what to harden.
What’s inside:
1️⃣ The chain itself: repos, dependency managers, CI/CD, artifact storage — and the weak assumptions they rely on.
2️⃣ How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3️⃣ Case in point: a signed build gone rogue (CCleaner) shows why “official” isn’t always safe.
4️⃣ Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
👉 Full article here: https://netlas.io/blog/supply_chain_attack/