Explore the latest in cybersecurity with Netlas.io. Stay ahead with updates on high-profile vulnerabilities, expert tutorials, essential safety tips, and the latest Netlas developments.
Join @netlas for exclusive updates, expert content and discussions in 1
How to Find Unprotected Databases, Chapter 2
A Netlas beginner's guide, now republished on our blog (moved from Medium). Reviewed and updated.
5 min read
https://netlas.io/blog/how_to_find_unprotected_databases_chapter_2/
Netlas.io
Apr 23, 2026, 03:10 PM
[Photo]
CVE-2026-3429, CVE-2026-4636 and others in Keycloak
Several vulnerabilities in Keycloak allow attackers to bypass MFA, steal access tokens, and access confidential user data.
Search at https://netlas.io/:
Link: https://nt.ls/Ooqi1
Dork: http.favicon.hash_sha256:47dcf1f1a8f1afd68297a294a263849069a7a62b2e86550241416c2cc56c5676
Vendor's advisory: https://www.keycloak.org/2026/04/keycloak-2657-released
Netlas.io
Apr 23, 2026, 03:10 PM
[Photo]
CVE-2026-0740: Vulnerability in the Ninja Forms File Upload WordPress plugin, 9.8 rating
The vulnerability allows unauthenticated attackers to upload arbitrary files to a vulnerable site and achieve remote code execution.
Search at https://netlas.io/:
Link: https://nt.ls/rkM7h
Dork: http.body:"plugins/ninja-forms"
Note that this dork matches any site that loads the core Ninja Forms plugin; the advisory concerns the File Upload add-on, so expect results that are not affected.
Read more: https://www.wordfence.com/blog/2026/04/50000-wordpress-sites-affected-by-arbitrary-file-upload-vulnerability-in-ninja-forms-file-upload-wordpress-plugin/
Netlas.io
Apr 23, 2026, 03:10 PM
Netlas and Uncover
The article has been updated. All commands were reviewed and tested.
Read the guide:
https://netlas.io/blog/netlas_and_uncover/
Netlas.io
Apr 23, 2026, 03:10 PM
Ever wondered how professional threat intelligence feeds are actually built?
Our partners at RST Cloud pull back the curtain on their approach to threat hunting, revealing how they identify, track, and expand command-and-control (C2) infrastructure at scale.
Inside the post:
• How RST Cloud discovers malicious infrastructure in the wild
• Techniques for linking isolated IoCs into meaningful threat clusters
• The methodology behind building reliable, high-quality threat intelligence feeds
• How Netlas data helps enrich and accelerate investigations
This is a rare look into the real workflows behind modern threat intelligence, straight from a team doing it every day.
5 min read
https://netlas.io/blog/c2_hunting_by_rst_cloud/
Netlas.io
Apr 23, 2026, 03:10 PM
Netlas Legal Update
We've revised the Netlas Terms & Conditions and API & Data License Agreement.
The updated terms take effect on March 6, 2026.
Details: https://netlas.io/blog/terms_updated/
Netlas.io
Apr 23, 2026, 03:10 PM
[Photo]
CVE-2026-1490: Vulnerability in the CleanTalk WordPress plugin, 9.8 rating
An authorization bypass via reverse-DNS (PTR record) spoofing lets unauthenticated attackers install arbitrary plugins on an affected site, which is a natural first step in an attack chain because the installed plugin can be anything, including a backdoor.
Search at https://netlas.io/:
Link: https://nt.ls/wZ4Qu
Dork: http.body:"plugins/cleantalk-spam-protect"
Read more: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/cleantalk-spam-protect/spam-protection-honeypot-anti-spam-by-cleantalk-671-authorization-bypass-via-reverse-dns-ptr-record-spoofing-to-unauthenticated-arbitrary-plugin-installation
Netlas.io
Apr 23, 2026, 03:10 PM
Netlas v1.6 is out
• Private Scanner now supports "Scan all ports": non-intrusive scans across all 65,536 TCP ports.
• Added CWMP protocol support.
• Breaking change: the Discovery API response format for groups has been updated.
Details at https://docs.netlas.io/changelog/
Netlas.io
Apr 23, 2026, 03:10 PM
Top 10 Hacking Devices for Ethical Hackers in 2026
Here is a practical guide to the hardware pentesting toolkit that keeps showing up in real engagements: what each device does, what it's good for, and where the legal/ethical lines are.
What you'll get from the list:
1. Flipper Zero: a pocket multi-tool for Sub-GHz, RFID/NFC, IR and more, plus real-world examples of signal abuse.
2. USB Rubber Ducky: HID "keyboard" injection that turns physical access into instant scripted actions.
3. Wi-Fi / wireless pentest gear: purpose-built tools for testing how networks handle rogue access points and user behavior.
4. RFID/NFC specialists: devices like Proxmark3 for assessing badge systems and weak access control tech.
5. SDR hardware: HackRF and friends for exploring radio-based attack surfaces beyond "normal" Wi-Fi/Bluetooth.
6. Clear boundaries: what's generally legal to own vs. what becomes illegal fast without written permission and scope.
If you're building a red-team kit (or defending against these exact techniques), this one's a solid bookmark.
Read here: https://netlas.io/blog/top_10_hacking_devices_2026/
Netlas.io
Apr 23, 2026, 03:10 PM
[Photo]
CVE-2026-1207, -1285, -1287 and others: Multiple vulnerabilities in the Django framework, 5.3-7.5 rating
Several vulnerabilities in Django allow attackers to perform SQL injection and DoS attacks.
Search at https://netlas.io/:
Link: https://nt.ls/SOxq1
Dork: tag.name:"django"
Note that a technology-tag dork matches every host where Django was detected, regardless of version, so treat the results as a starting list to check against the fixed releases in the advisory.
Vendor's advisory: https://www.djangoproject.com/weblog/2026/feb/03/security-releases/
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-13927, -13928, -13335, CVE-2026-0723, -1102: Multiple vulnerabilities in GitLab, 3.1-7.5 rating
Several recent vulnerabilities in GitLab include DoS, incorrect authorization, and other issues.
Search at https://netlas.io/:
Link: https://nt.ls/5JrG3
Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/
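Most of the dorks in this feed key on a product's default favicon (http.favicon.hash_sha256:...) or on a header string, and the GitLab one above ORs several such clauses together. The Python script below, an added example rather than Netlas code, builds the same kind of query for a product of your own: it finds the icon a page links to, hashes the icon bytes, and joins clauses with OR. It assumes that the http.favicon.hash_sha256 field holds the lowercase hex SHA-256 of the favicon's raw bytes as served. The count_exposed helper assumes the SDK's netlas.Netlas(api_key=...) client and a count(query=...) method that returns a dict with a "count" key; it needs a key and network access and is not exercised offline. The HTML and icon bytes used here are constructed. Favicon dorks miss instances that use a custom icon and include anything else serving the same icon, so pair them with a header or body clause where you can.

```python
"""Build Netlas dorks like the ones in these posts (favicon hash, header match, OR chains).

Added example, not Netlas code. Assumption: http.favicon.hash_sha256 holds the
lowercase hex SHA-256 of the favicon's raw bytes as served.
"""
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin


class _IconLinks(HTMLParser):
    """Collect href values of <link rel="... icon ..."> tags in document order."""

    def __init__(self) -> None:
        super().__init__()
        self.hrefs: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag != "link":
            return
        attr = {k: (v or "") for k, v in attrs}
        rel_tokens = attr.get("rel", "").lower().split()
        if "icon" in rel_tokens and attr.get("href"):
            self.hrefs.append(attr["href"])


def favicon_url(html_text: str, page_url: str) -> str:
    """URL of the icon a browser would load: the first <link rel=icon>, else /favicon.ico."""
    parser = _IconLinks()
    parser.feed(html_text)
    href = parser.hrefs[0] if parser.hrefs else "/favicon.ico"
    return urljoin(page_url, href)


def favicon_dork(icon_bytes: bytes) -> str:
    """Hash the raw icon bytes and wrap the digest in the Netlas favicon field (see assumption above)."""
    return "http.favicon.hash_sha256:" + hashlib.sha256(icon_bytes).hexdigest()


def phrase_dork(field: str, value: str) -> str:
    """Quoted match on a text field, e.g. http.headers.set_cookie:"gitlab"; embedded quotes are escaped."""
    escaped = value.replace('"', '\\"')
    return f'{field}:"{escaped}"'


def any_of(*clauses: str) -> str:
    """OR-join clauses, dropping empties and duplicates while keeping order."""
    kept: list[str] = []
    for clause in clauses:
        if clause and clause not in kept:
            kept.append(clause)
    return " OR ".join(kept)


def count_exposed(dork: str, api_key: str) -> int:
    """Count matching responses with the Netlas Python SDK.

    Assumed client API (not verified here): netlas.Netlas(api_key=...).count(query=...)
    returning a dict with a "count" key. Needs network access and a valid key.
    """
    import netlas  # pip install netlas

    client = netlas.Netlas(api_key=api_key)
    return int(client.count(query=dork, datatype="response")["count"])


# Constructed sample input: a minimal page linking an icon, plus stand-in icon bytes.
SAMPLE_HTML = """<html><head>
<link rel="stylesheet" href="/static/app.css">
<link rel="shortcut icon" href="/static/favicon.ico">
</head><body>login</body></html>"""
SAMPLE_ICON_BYTES = b"abc"  # stands in for the real icon you would fetch from favicon_url()


def build_sample_dork() -> str:
    """Favicon clause for the constructed icon, OR-ed with a cookie-name clause."""
    return any_of(favicon_dork(SAMPLE_ICON_BYTES), phrase_dork("http.headers.set_cookie", "example"))


if __name__ == "__main__":
    print("icon to fetch:", favicon_url(SAMPLE_HTML, "https://example.com/users/sign_in"))
    print("dork:", build_sample_dork())
```

Fetch the icon from the URL favicon_url() gives you, hash exactly the bytes the server returned (no re-encoding), and confirm the dork by checking that your own host appears in the results before using it to enumerate others.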
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-59718, -59719: Improper Verification of Cryptographic Signature in Fortinet devices, 9.8 rating
Fortinet's PSIRT has observed in-the-wild exploitation of these 2025 SSO signature-verification flaws, including activity that got around the initial patches. Review the mitigation guidance in the linked analysis.
Search at https://netlas.io/:
Link: https://nt.ls/X38VT
Dork: http.favicon.hash_sha256:d18b3c9feb76c3c1cfdcc51c732f113327e3c33fb3f63b479951f7da6ed1216f
Vendor's advisory: https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
Netlas.io
Mar 29, 2026, 09:31 AM
Bug Bounty 101: a complete 2026 roadmap for beginners
Netlas' new guide cuts through the "dead vs $100k" hype: bug bounty isn't dead, it's just more mature. Success now comes from smart target selection, solid recon, manual testing, and reports that get accepted.
What's inside:
1. Prerequisites checklist: networking, HTTP basics, light coding, core vulns, and why patience/focus matter.
2. Picking targets: start with VDPs and less-crowded programs; use HackerOne/Bugcrowd/Intigriti and Google dorks to find scopes; stick to one target.
3. Recon that works: org WHOIS → asset mapping → subdomains; customize your flow, with a concrete Netlas example and CLI tips.
4. Hunting methodology: build product knowledge first; use a single multi-signal test string to probe inputs; avoid blind payload spam.
5. Reports that get paid and beginner mistakes to avoid, plus a practical 60-day plan to your first live finding.
Read here: https://netlas.io/blog/bug_bounty_roadmap/
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-37165, -37166: Multiple vulnerabilities in HPE Aruba Networking Instant On, 7.5 rating
Vulnerabilities in HPE Aruba Networking Instant On devices allow a remote attacker to cause a denial of service or learn details of the internal network configuration.
Search at https://netlas.io/:
Link: https://nt.ls/AlIHR
Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US#hpesbnw04988-rev-1-hpe-networking-instant-on-multi-0
Netlas.io
Mar 29, 2026, 09:31 AM
Netlas v1.5.1
We introduce Daily Internet Scan Data Snapshots: time-bounded datasets containing all scan results collected within a 24-hour period.
Plus:
• improved technology tags
• visual mapping hints
Check the full changelog here: https://docs.netlas.io/changelog/
Netlas.io
Mar 29, 2026, 09:31 AM
Technical Issue Alert
Due to issues with the database cluster, Netlas is temporarily suspended while the affected nodes are rebooted.
Our team is working hard to resolve the issue as quickly as possible.
You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience.
Netlas.io
Mar 29, 2026, 09:31 AM
Software Supply Chain Attacks: how trust breaks, and how to fix it
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code, as in the CCleaner incident. This explainer maps where trust fails and what to harden.
What's inside:
1. The chain itself: repos, dependency managers, CI/CD, artifact storage, and the weak assumptions they rely on.
2. How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3. Case in point: a signed build gone rogue (CCleaner) shows why "official" isn't always safe.
4. Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
Full article here: https://netlas.io/blog/supply_chain_attack/
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-14265: Download of Code Without Integrity Check in ScreenConnect, 9.1 rating
A server-side vulnerability could allow an authenticated attacker to execute custom code or access configuration data.
Search at https://netlas.io/:
Link: https://nt.ls/1JSOa
Dork: http.headers.server:"ScreenConnect"
Vendor's advisory: https://www.connectwise.com/company/trust/security-bulletins/screenconnect-2025.8-security-patch
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-14733: Out-of-bounds Write in WatchGuard, 9.1 rating
A vulnerability in Fireware OS allows a remote unauthenticated user to execute arbitrary code.
Search at https://netlas.io/:
Link: https://nt.ls/jooF2
Dork: http.favicon.hash_sha256:9560bc07784890efa36dc4636b6d5f091059914bb5cb8941d00c5b47646efb8c
Read more: https://github.com/advisories/GHSA-hv82-jj64-jf47
Netlas.io
Mar 29, 2026, 09:31 AM
[Photo]
CVE-2025-68385: Cross-site Scripting in Kibana, 7.2 rating
A vulnerability in the Vega renderer could allow an authenticated attacker to inject cross-site scripting payloads.
Search at https://netlas.io/:
Link: https://nt.ls/XGTPX
Dork: http.unknown_headers.key:"kbn_name"
Vendor's advisory: https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182
Netlas.io
Mar 20, 2026, 01:40 AM
The Evolution of C2: Centralized to On-Chain
We map how C2 moved from IRC and web panels to DGAs, P2P, fast-flux, abuse of legitimate cloud platforms, and now smart-contract C2 on public blockchains, with concrete detection playbooks.
What's inside:
1. The lineage: IRC → HTTP/HTTPS → DGA & P2P → fast-flux → cloud/"legit" platforms → blockchain contracts.
2. Why on-chain C2 matters: immutable contracts, pseudonymous wallets, and payload retrieval over public RPC.
3. Trade-offs: resilience vs latency, and how transparency enables forensics even as takedowns get harder.
4. Practical detection: block JSON-RPC egress to public providers, use TLS/JARM and beacon-timing patterns, and watch for DNS tunneling.
Read now: https://netlas.io/blog/evolution_of_c2_infrastructure/
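Two of the detection points in the C2 post above, beacon timing and JSON-RPC egress to public providers, can be checked over ordinary connection records. The Python script below is an added example, not code from the Netlas article: it groups connections by flow and flags flows whose inter-connection gaps are near-constant (low coefficient of variation), and it flags request bodies that are Ethereum-style JSON-RPC calls to hosts outside an allow-list. The JSON-lines records, the field names (ts, src, dst, dport, payload) and the thresholds are this example's own constructions, not any sensor's schema; real beacons add jitter, so tune max_cv and min_intervals against your own baseline. TLS/JARM fingerprinting and DNS-tunnelling checks are not covered here.

```python
"""Beacon-timing and JSON-RPC egress checks over constructed connection records.

Added example, not code from the Netlas article. Input is constructed JSON lines
(one connection per line); the field names ts/src/dst/dport/payload are this
example's own, not any particular sensor's schema.
"""
import json
import statistics
from collections import defaultdict

CONSTRUCTED_CONN_LOG = "\n".join([
    # a periodic ~60 s beacon with a little jitter (constructed)
    *[json.dumps({"ts": 1700000000 + t, "src": "10.0.0.5", "dst": "203.0.113.10", "dport": 443, "payload": ""})
      for t in (0, 61, 119, 182, 240, 298, 361, 420, 479, 541)],
    # ordinary bursty browsing to another host (constructed)
    *[json.dumps({"ts": 1700000000 + t, "src": "10.0.0.7", "dst": "198.51.100.7", "dport": 443, "payload": ""})
      for t in (0, 5, 400, 401, 900, 2000, 2003, 3100)],
    # two requests carrying Ethereum-style JSON-RPC to a public RPC port (constructed)
    json.dumps({"ts": 1700000700, "src": "10.0.0.5", "dst": "203.0.113.50", "dport": 8545,
                "payload": '{"jsonrpc":"2.0","id":1,"method":"eth_call","params":[{"to":"0x00"},"latest"]}'}),
    json.dumps({"ts": 1700001300, "src": "10.0.0.5", "dst": "203.0.113.50", "dport": 8545,
                "payload": '{"jsonrpc":"2.0","id":2,"method":"eth_getLogs","params":[{}]}'}),
])


def parse_conn_log(text: str) -> list[dict]:
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def beacon_score(timestamps, min_intervals: int = 5):
    """(gap count, mean gap, coefficient of variation) for a flow, or None if too few connections."""
    ts = sorted(timestamps)
    gaps = [b - a for a, b in zip(ts, ts[1:])]
    if len(gaps) < min_intervals:
        return None
    mean_gap = statistics.mean(gaps)
    if mean_gap <= 0:
        return None
    return len(gaps), mean_gap, statistics.pstdev(gaps) / mean_gap


def find_beacons(records, max_cv: float = 0.15, min_intervals: int = 5) -> dict:
    """Group by (src, dst, dport) and keep flows whose gaps are near-constant (cv <= max_cv)."""
    by_flow = defaultdict(list)
    for r in records:
        by_flow[(r["src"], r["dst"], r["dport"])].append(float(r["ts"]))
    hits = {}
    for flow, ts in by_flow.items():
        score = beacon_score(ts, min_intervals)
        if score is not None and score[2] <= max_cv:
            hits[flow] = score
    return hits


def is_jsonrpc_payload(payload: str) -> bool:
    """True for a JSON-RPC 2.0 request body with a string method name."""
    try:
        body = json.loads(payload)
    except (TypeError, ValueError):
        return False
    return isinstance(body, dict) and body.get("jsonrpc") == "2.0" and isinstance(body.get("method"), str)


def find_rpc_egress(records, allowed_dsts=frozenset()) -> list:
    """JSON-RPC requests to destinations outside the allow-list, as (src, dst, dport, method).

    eth_call / eth_getLogs are the standard read methods a client uses to pull
    contract state, which is how the on-chain C2 described above retrieves payloads.
    """
    hits = []
    for r in records:
        if r["dst"] in allowed_dsts or not is_jsonrpc_payload(r["payload"]):
            continue
        hits.append((r["src"], r["dst"], r["dport"], json.loads(r["payload"])["method"]))
    return hits


def main() -> None:
    records = parse_conn_log(CONSTRUCTED_CONN_LOG)
    for flow, (n, mean_gap, cv) in find_beacons(records).items():
        print(f"beacon-like: {flow} {n} gaps, mean {mean_gap:.1f}s, cv {cv:.3f}")
    for src, dst, dport, method in find_rpc_egress(records):
        print(f"json-rpc egress: {src} -> {dst}:{dport} {method}")


if __name__ == "__main__":
    main()
```

On the constructed input only the 10.0.0.5 to 203.0.113.10:443 flow scores as a beacon (cv around 0.03), and both JSON-RPC requests to 203.0.113.50 are reported unless that host is on the allow-list. Over real traffic, feed the allow-list with the RPC providers your own applications legitimately use and treat the beacon threshold as a triage filter, not a verdict.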
Netlas.io
Mar 13, 2026, 06:52 AM
[Photo]
CVE-2025-66399: Command Injection in Cacti, 7.4 rating
A vulnerability in the SNMP component of Cacti could allow an authenticated attacker to achieve RCE.
Search at https://netlas.io/:
Link: https://nt.ls/VJyxC
Dork: http.title:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Vendor's advisory: https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
Netlas.io
Mar 6, 2026, 12:53 AM
[Photo]
CVE-2025-55182: RCE in React Server Components, 10.0 rating
Vulnerable versions of React Server Components insecurely deserialize data from incoming HTTP requests, which could allow an attacker to achieve RCE on the server.
Search at https://netlas.io/:
Link: https://nt.ls/lg3gz
Dork: tag.name:"react"
Note that this dork matches any site where React was detected, including plain client-side apps that do not use Server Components, so the results need further filtering.
Vendor's advisory: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
Netlas.io
Feb 16, 2026, 02:10 PM
CVE-2025-11699: Insufficient Session Expiration in nopCommerce, 7.1 rating
Because some versions of nopCommerce do not properly expire session cookies, an attacker who obtains another user's cookie can replay it to hijack the session or escalate privileges.
Search at https://netlas.io/:
Link: https://nt.ls/6rFG4
Dork: http.meta:"nopCommerce"
Read more: https://seclists.org/fulldisclosure/2025/Aug/14
Netlas.io
Feb 16, 2026, 02:10 PM
We've just shipped Netlas Python SDK v0.8.0
This update brings more reliable downloads, refreshed stats handling, and broader SDK coverage, including new Discovery/Mapping methods, improved Scanner and Datastore tools, and a couple of nice usability touches in both profiles and the CLI.
Check the full changelog here: https://docs.netlas.io/changelog/
Netlas.io
Feb 6, 2026, 02:18 PM
Netlas is back online
We've just finished rolling out Netlas v1.4.0, a major upgrade that took a bit longer than expected, but it's now live and ready to use.
Here's what's new:
• Discovery Tool: significantly improved UI and reworked flow; discovery now runs in the background so you can keep exploring your attack surface while data is being fetched.
• Port coverage: public scans now cover 1,000+ ports for broader visibility into exposed services.
• Tech detection: improved HTTP software detection; the next public scan will include 6,000+ application and technology names.
• CVE mapping: completely redesigned mapping via CPEs and product names, plus a new sortable, filterable vulnerabilities table in the UI.
• Private Scanner: major data storage redesign after a year of intensive use, improving reliability and paving the way for future features.
• API change: when using the indices parameter, you now pass the scan label instead of its numeric ID.
Thanks a lot for your patience and support; it helped us get this release over the line.
Full changelog and migration details: https://docs.netlas.io/changelog/
Netlas.io
Feb 4, 2026, 07:03 PM
Planned Maintenance
An application will be unavailable for a period of time. On Thursday, November 27, 2025, at 09:00 UTC, a major update will be implemented, which will also require changes to the structure of the Netlas databases. This will take…
Netlas.io
Dec 6, 2025, 04:26 PM
CVE-2025-10230: OS Command Injection in Samba, 10.0 rating
An October vulnerability in the popular Samba AD package allows attackers to execute commands on a server by sending just one specially crafted packet.
Search at https://netlas.io/:
Link: https://nt.ls/xGVmR
Dork: smb:*
Note that smb:* matches every host that answered an SMB probe, not only Samba AD domain controllers, so narrow the results by the SMB fields in the responses before triaging.
Vendor's advisory: https://www.samba.org/samba/history/security.html
Netlas.io
Dec 6, 2025, 04:26 PM
CVE-2025-64500: Authorization Bypass in Symfony, 7.3 rating
Incorrect parsing of the request path info lets attackers bypass some access restrictions that key on the leading "/" of the path.
Search at https://netlas.io/:
Link: https://nt.ls/yxfE1
Dork: http.body:"Symfony Web Debug Toolbar" OR http.title:"Welcome to Symfony!" OR http.title:"symfony project"
Vendor's advisory: https://symfony.com/blog/cve-2025-64500-incorrect-parsing-of-path-info-can-lead-to-limited-authorization-bypass
Netlas.io
Dec 6, 2025, 04:26 PM
CVE-2025-9501: Command Injection in the W3 Total Cache plugin, 9.0 rating
A vulnerability in a popular website speedup plugin allows attackers to remotely execute PHP code.
Search at https://netlas.io/:
Link: https://nt.ls/GUyZV
Dork: http.body:"plugins/w3-total-cache"
Read more: https://wpscan.com/vulnerability/6697a2c9-63ae-42f0-8931-f2e5d67d45ae/