New at Horizon3.ai

Mythos has collapsed the attack path. | Learn how to prove your defenses now. →

Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

Bomb Streamline Icon: https://streamlinehq.com

CVE-2026-0257

CVE-2026-0257 is a critical authentication bypass vulnerability in Palo Alto Networks PAN-OS GlobalProtect that allows unauthorized VPN access and is actively exploited in the wild.
Read More →
Bomb Streamline Icon: https://streamlinehq.com

CVE-2026-44825

CVE-2026-44825 is a hardcoded credentials vulnerability affecting Apache Solr Basic Authentication setup workflows. The flaw may allow attackers to gain administrative access to vulnerable SolrCloud deployments.
Read More →

SEARCH

CATEGORIES

TAGS

SEARCH

    Factsheets

    Third-Party Risk Management

    May 27, 2026
    NodeZero for TPRM: NodeZero proactively secures your supply chain by replacing assumptions with proof. It empowers you to find, fix, and validate third-party risks before they disrupt your business.
    Read More →
    Whitepapers

    The 2026 Buyer’s Guide to Penetration Testing

    May 20, 2026
    The 2026 Buyer’s Guide to Penetration Testing explains how security leaders are reevaluating pentesting based on exploitability, validation, and real-world attack paths.
    Read More →
    Cybersecurity evaluation guide focused on penetration testing, attack path validation, exploitability, and measurable risk reduction
    Customer Stories

    From Point-in-Time Testing to Continuous Security Validation

    May 18, 2026
    Learn how Mid Devon District Council moved beyond annual pentests to continuously validate exploitable risk, strengthen identity security, and accelerate remediation with autonomous pentesting.
    Read More →
    Horizon3.ai customer story booklet for Mid Devon District Council focused on continuous security validation and autonomous pentesting
    Whitepapers

    Strengthen Supply Chain Security for CMMC

    May 18, 2026
    This whitepaper explains how organizations can move beyond CMMC compliance to continuously validate real-world security across the supply chain.
    Read More →
    Blogs

    You’re Only as Secure as Your Last Evaluation

    May 18, 2026
    CMMC is shifting cybersecurity from periodic compliance to continuous validation across the Defense Industrial Base supply chain.
    Read More →
    Chart showing the phased implementation timeline for updated CMMC requirements across the Defense Industrial Base
    Blogs

    From Patch Tuesday to Pentest Wednesday®: How a Software Provider Closed Unknown Paths to Cloud Compromise

    May 13, 2026
    A healthcare software provider uncovered hidden attack paths to AWS compromise and transformed security operations through continuous validation.
    Read More →
    Pentest Wednesday banner featuring NodeZero and the Find-Fix-Verify security testing rhythm
    Attack Blogs, Attack Research, Blogs

    Autonomous AI Cyber Defense You Can Trust in Production

    May 6, 2026
    New research reveals how to make AI-powered cyber defense safe, stable, and reliable for real-world deployment.
    Read More →
    Horizon3.ai logo banner
    Whitepapers

    Unifying SOC and ITSM

    May 5, 2026
    A leadership guide to aligning SOC and ITSM teams using evidence-driven cyber risk management and real-world validation.
    Read More →
    Whitepaper mockup for bringing SOC and ITSM together to improve security operations and response workflows
    Video

    Webinar: When Conflict Extends Into Cyberspace

    Using Threat Actor Intelligence to Respond to Iranian Cyber Activity Recent Iranian cyber activity reveals a strategic shift toward a decentralized, opportunistic model. Rather than highly bespoke campaigns, operators are increasingly acting like "cyber guerrillas” by rapidly weaponizing newly disclosed VPN and edge device vulnerabilities to chain internet-facing exposures into enterprise-wide compromise. If your organization…
    Watch Now →
    Cybersecurity webinar on Iranian threat actors, attack paths, and threat intelligence for identifying real-world cyber risk
    Factsheets

    Project Glasswing & NodeZero® Factsheet

    April 28, 2026
    See how Glasswing and NodeZero combine to identify vulnerabilities and validate which ones can actually be exploited.
    Read More →
    Project Mythos factsheet highlighting attack path validation and exposure management insights