New at Horizon3.ai

Mythos has collapsed the attack path. | Learn how to prove your defenses now. →

Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

Bomb Streamline Icon: https://streamlinehq.com

CVE-2026-9082

CVE-2026-9082 is a highly critical SQL injection vulnerability in Drupal core affecting PostgreSQL-backed deployments. The flaw allows unauthenticated attackers to execute arbitrary SQL queries and potentially compromise affected environments.
Read More →
Bomb Streamline Icon: https://streamlinehq.com

CVE-2026-23734

CVE-2026-23734 is a critical path traversal vulnerability affecting XWiki’s xwiki-commons-classloader-api component. The flaw may allow unauthenticated attackers to access sensitive configuration files through crafted ssx and jsx endpoint requests.
Read More →

SEARCH

CATEGORIES

TAGS

SEARCH

    Customer Stories

    Higher Education Institution Finds a Real Look at Vulnerabilities and Exploits with NodeZero

    August 8, 2022
    When the Desert Research Institute (DRI) of Reno, NV, a higher education organization focusing on applied environmental research, needed a way to run penetration testing and vulnerability scanning at an affordable cost, they found NodeZero.
    Read More →
    Customer Story - Higher Education Institution Finds Easier, Better Scanning with NodeZero
    Customer Stories

    Horizon3.ai allows us to maximize security with minimum effort

    June 17, 2022
    NodeZero identified those critical few vulnerabilities that are actually exploitable, allowing us to maximize increased security with minimum effort.
    Read More →
    Customer Stories

    How NodeZero Helped the City of St. Petersburg Improve Its Defenses

    June 14, 2022
    As the Information Technology Security Officer for the City of St. Petersburg, FL, Brian Campbell is always on the lookout for ways to elevate the city’s security posture. A cold phone call from Horizon3.ai led to a test run of NodeZero, with its capacity to save time and effort assessing and addressing potential weaknesses.
    Read More →
    Customer Stories

    Misreporting Tools Leave Servers Vulnerable for 18 Months

    April 6, 2022
    Teaching hospital insisted on false positive when NodeZero exploited a critical but year-old vulnerability in under one day, but...
    Read More →
    Misreporting Tools Leave Servers Vulnerable for 18 Months
    Customer Stories

    My Endpoint Detection and Response (EDR) Should Have Caught That!

    April 6, 2022
    It isn’t enough to have to have the security solution. A medical clinic with over 120 providers used best-in-class endpoint detection and response (EDR) software. Nevertheless, NodeZero quickly identified a device’s Local Security Authority Subsystem Service Process (LSASS), dump and cracked user credentials, moved laterally, and gained Windows Domain Administrator privileges. The result: full domain…
    Read More →
    My EDR Should Have Caught That!