Netlas.io


Explore the latest in cybersecurity with Netlas.io. Stay ahead with updates on high-profile vulnerabilities, expert tutorials, essential safety tips, and the latest Netlas developments.

2,190 subscribers

Post archive
CVE-2026-4112 and others: SQL injection and TOTP vulnerabilities in SonicWall SMA 1000 Series, up to 7.2 rating ❗️
The most severe vulnerability (SQL injection) allows a remote authenticated attacker with read-only administrator privileges to escalate privileges to primary administrator.
Search at Netlas.io:
👉 Link: https://nt.ls/mzseI
👉 Dork: http.favicon.hash_sha256:6bb6f64adaa6a7ed4da10a2fe4edf4cb4d9914aa742c7ad607ca4ca678dcd3f1 OR certificate.subject_dn:"HTTPS Management Certificate for SonicWALL (self-signed)"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003

🔄 How to Find Unprotected Databases — Chapter 2
A Netlas beginner’s guide — now republished on our blog (moved from Medium). Reviewed and updated.
🕒 5 min read
👉 https://netlas.io/blog/how_to_find_unprotected_databases_chapter_2/

CVE-2026-0740: Vulnerability in Ninja Forms WordPress plugin, 9.8 rating
The vulnerability allows unauthenticated attackers to upload arbitrary files to a vulnerable site and achieve remote code execution.
Search at Netlas.io:
👉 Link: https://nt.ls/rkM7h
👉 Dork: http.body:"plugins/ninja-forms"
Read more: https://www.wordfence.com/blog/2026/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-ninja-forms-file-upload-wordpress-plugin/

CVE-2026-3429, CVE-2026-4636 and others in Keycloak.
Several vulnerabilities in Keycloak allow attackers to bypass MFA, steal access tokens, and access confidential user data.
Search at Netlas.io:
👉 Link: https://nt.ls/Ooqi1
👉 Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Vendor's advisory: https://www.keycloak.org/2026/04/keycloak-2657-released

⭐️ Ever wondered how professional threat intelligence feeds are actually built?
Our partners at RST Cloud pull back the curtain on their approach to threat hunting — revealing how they identify, track, and expand command-and-control (C2) infrastructure at scale.
🔍 Inside the post:
• How RST Cloud discovers malicious infrastructure in the wild
• Techniques for linking isolated IoCs into meaningful threat clusters
• The methodology behind building reliable, high-quality threat intelligence feeds
• How Netlas data helps enrich and accelerate investigations
This is a rare look into the real workflows behind modern threat intelligence — straight from a team doing it every day.
🕒 5 min read
👉 https://netlas.io/blog/с2_hunting_by_rst_cloud/

🔄 Netlas and Uncover
The article has been updated. All commands were reviewed and tested.
👉🏼 Read the guide: https://netlas.io/blog/netlas_and_uncover/

Netlas Legal Update
We’ve revised the Netlas Terms & Conditions and API & Data License Agreement. The updated terms take effect on March 6, 2026.
Details: https://netlas.io/blog/terms_updated/

Netlas v1.6 is out
🔍 Private Scanner now supports “Scan all ports” — non-intrusive scans across 65,536 TCP ports.
🆕 Added CWMP protocol support.
⚠️ Breaking change: updated Discovery API response format for groups.
Details at https://docs.netlas.io/changelog/

CVE-2026-1490: Vulnerability in CleanTalk WordPress plugin, 9.8 rating 🔥
The vulnerability allows attackers to install any plugin on an affected website, which could be the first step in any attack chain.
Search at Netlas.io:
👉 Link: https://nt.ls/wZ4Qu
👉 Dork: http.body:"plugins/cleantalk-spam-protect"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/cleantalk-spam-protect/spam-protection-honeypot-anti-spam-by-cleantalk-671-authorization-bypass-via-reverse-dns-ptr-record-spoofing-to-unauthenticated-arbitrary-plugin-installation

📌 Top 10 Hacking Devices for Ethical Hackers in 2026
Here is a practical guide to the hardware pentesting toolkit that keeps showing up in real engagements: what each device does, what it’s good for, and where the legal/ethical lines are.
What you’ll get from the list:
1️⃣ Flipper Zero 🐬: a pocket multi-tool for Sub-GHz, RFID/NFC, IR and more, plus real-world examples of signal abuse.
2️⃣ USB Rubber Ducky 🦆: HID “keyboard” injection that turns physical access into instant scripted actions.
3️⃣ Wi-Fi / wireless pentest gear 📡: purpose-built tools for testing how networks handle rogue access points and user behavior.
4️⃣ RFID/NFC specialists 🎫: devices like Proxmark3 for assessing badge systems and weak access control tech.
5️⃣ SDR hardware 📻: HackRF and friends for exploring radio-based attack surfaces beyond “normal” Wi-Fi/Bluetooth.
6️⃣ Clear boundaries ⚖️: what’s generally legal to own vs. what becomes illegal fast without written permission and scope.
If you’re building a red-team kit (or defending against these exact techniques), this one’s a solid bookmark. 🔎🛡️
👉 Read here: https://netlas.io/blog/top_10_hacking_devices_2026/

CVE-2026-1207, -1285, -1287 and others: Multiple vulnerabilities in Django Framework, 5.3 - 7.5 rating ❗️
Several vulnerabilities in Django allow attackers to perform SQL injection and DoS attacks.
Search at Netlas.io:
👉 Link: https://nt.ls/SOxq1
👉 Dork: tag.name:"django"
Vendor's advisory: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/

CVE-2026-1281, -1340: Two vulnerabilities in Ivanti EPMM, 9.8 rating 🔥
Two recent vulnerabilities in Ivanti EPMM allow attackers to perform RCE. Cases have already been reported in the wild!
Search at Netlas.io:
👉 Link: https://nt.ls/EbWv1
👉 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US

📌 Inside ClickFix: how fake prompts took over the web
Fake CAPTCHAs and “verification” pages coax users into pasting system commands via trusted tools like Run or PowerShell. No exploit, no download — the victim executes the payload themselves, sidestepping many defenses.
What’s inside
1️⃣ The evolution: from simple error popups to polished reCAPTCHA/Turnstile clones, OS-aware pages, and video walk-throughs that raise urgency.
2️⃣ Scale of the problem: ESET tracked a 517% rise (H2’24→H1’25); ClickFix-style lures now account for ~8% of blocked attacks.
3️⃣ APT adoption: ClearFake, TA571, Lazarus, Kimsuky, Callisto/Sednit, MuddyWater, APT36 — cross-platform, high-impact use.
4️⃣ Anatomy of an attack: delivery → deceptive prompt → clipboard injection → user-initiated execution → payload retrieval.
5️⃣ Real-world sample: a faux CAPTCHA plants a VBS downloader command, then runs the fetched script from %TEMP%.
6️⃣ Why it lands: Microsoft’s 2025 report calls ClickFix the top initial-access vector, tied to 47% of recorded intrusions.
Bonus: the article includes hunting tips and how to stop these chains at scale. 🔎🛡️
👉 Read here: https://netlas.io/blog/fake_prompts/

Top 10 Critical Threat Actors - who they are, how they operate, how to respond 📌
Netlas distills the ten most consequential adversaries shaping 2026 risk. For each actor you get a clean snapshot: motives, preferred targets, initial-access methods, tooling/C2 habits, notable intrusions, and concrete detections/mitigations.
What’s inside:
✅ Clear selection criteria (impact, capability, tempo, cross-sector reach) for each actor.
🛠️ Playbook patterns you’ll actually see: phishing & social engineering, supply-chain/third-party abuse, cloud & SaaS compromise, data theft and extortion.
🌐 Infrastructure habits: rotating domains/hosts, abuse of legitimate services, and operational security tells defenders can hunt for.
🏛️ Sector focus: government, finance, telco, healthcare, manufacturing, and critical infrastructure - with risk notes per vertical.
🔐 Copy-paste defenses: phishing-resistant MFA, hardening endpoints and SaaS, egress/DNS controls, backup immutability, logging that supports fast IR, and tabletop exercises mapped to these actors.
A practical brief for CISOs, IR leads, and engineering managers planning 2026 controls.
👉 Read now: https://netlas.io/blog/top_10_critical_threat_actors/

CVE-2025-59718, -59719: Improper Verification of Cryptographic Signature in Fortinet devices, 9.8 rating 🔥
Fortinet researchers have discovered instances of exploitation of last year's vulnerabilities that bypassed patches. We recommend reviewing the mitigation recommendations.
Search at Netlas.io:
👉 Link: https://nt.ls/X38VT
👉 Dork: http.favicon.hash_sha256:d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
Vendor's advisory: https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios

CVE-2025-13927, -13928, -13335, CVE-2026-0723, -1102: Multiple vulnerabilities in GitLab, 3.1 - 7.5 rating ❗️
Several recent vulnerabilities in GitLab include DoS, Incorrect Authorization, and other issues.
Search at Netlas.io:
👉 Link: https://nt.ls/5JrG3
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/

CVE-2025-37165, -37166: Multiple vulnerabilities in Aruba, 7.5 rating ❗️
Vulnerabilities in Aruba HPE allow an attacker to perform a DoS or gain knowledge of the internal network configuration.
Search at Netlas.io:
👉 Link: https://nt.ls/AlIHR
👉 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US#hpesbnw04988-rev-1-hpe-networking-instant-on-multi-0

📌 Bug Bounty 101 — a complete 2026 roadmap for beginners
Netlas’ new guide cuts through the “dead vs $100k” hype: bug bounty isn’t dead, it’s just more mature. Success now comes from smart target selection, solid recon, manual testing, and reports that get accepted.
What’s inside:
1️⃣ Prerequisites checklist: networking, HTTP basics, light coding, core vulns, and why patience/focus matter.
2️⃣ Picking targets: start with VDPs and less-crowded programs; use HackerOne/Bugcrowd/Intigriti and Google dorks to find scopes; stick to one target.
3️⃣ Recon that works: org WHOIS → asset mapping → subdomains; customize your flow, with a concrete Netlas example and CLI tips.
4️⃣ Hunting methodology: build product knowledge first; use a single multi-signal test string to probe inputs; avoid blind payload spam.
5️⃣ Reports that get paid and beginner mistakes to avoid, plus a practical 60-day plan to your first live finding.
👉 Read here: https://netlas.io/blog/bug_bounty_roadmap/

📌 Software Supply Chain Attacks — how trust breaks, and how to fix it
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code — as in the CCleaner incident. This explainer maps where trust fails and what to harden.
What’s inside:
1️⃣ The chain itself: repos, dependency managers, CI/CD, artifact storage — and the weak assumptions they rely on.
2️⃣ How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3️⃣ Case in point: a signed build gone rogue (CCleaner) shows why “official” isn’t always safe.
4️⃣ Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
👉 Full article here: https://netlas.io/blog/supply_chain_attack/

❗️Technical Issue Alert❗️
Due to issues with the database cluster, Netlas is temporarily suspended to reboot the affected nodes. Our team is working hard to resolve the issue as quickly as possible.
👉 You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience 🙏