Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-57819

FreePBX Authentication Bypass RCE
Read More →
Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-7776

Citrix Netscaler Memory Corruption Vulnerability
Read More →

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Blogs

    Supercharge Enterprise AI with the Attacker’s Perspective: Introducing the NodeZero® MCP Server

    Enterprises are racing to harness AI to automate workflows, secure infrastructure, and accelerate decision-making. But here’s the uncomfortable truth: AI that doesn’t see your environment through an attacker’s eyes is operating blind.
    Read More →
    Blogs

    Securing the NodeZero® MCP Server: Building a Safe, Agent-Ready Runtime for Enterprises

    When we set out to build the first version of the NodeZero MCP Server, we had two guiding principles: Most Model Context Protocol (MCP) servers today are overpowered and underdefended. They often: We didn’t build ours that way. The NodeZero MCP Server is a constrained, API-native runtime designed to give agents safe, structured access to…
    Read More →
    Blogs

    Fix What Matters Most: Six New NodeZero® Capabilities That Redefine Risk-Based Vulnerability Management

    Vulnerability management started with scanning — identify assets, fingerprint software, and match scan findings to known CVEs. Then came “risk-based” approaches that promised smarter prioritization. But in practice, most programs still just patch what scores the highest. Risk is inferred, not proven. Fixes are assumed to work. And security teams are left guessing what actually…
    Read More →
    Blogs

    Vulnerability Management Is Broken: There is a Better Way

    July 28, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Large crack across concrete with small ineffective bandaid placed on it
    Research

    Horizon3.ai Named in the 2025 Gartner® Hype Cycle™ for Security Operations

    July 22, 2025
    Learn how adversarial exposure validation moves beyond risk scoring to validate real-world exploitability. Get Gartner’s 2025 Hype Cycle report.
    Read More →
    Red haired girl coding on two screens
    Video

    Webinar: Unlocking Next-Level Security with Horizon3.ai & Optiv

    Horizon3.ai and Optiv lead the charge in the ever-evolving, innovation demanding field of cybersecurity. Find out how in this webinar.
    Watch Now →
    Attack Blogs

    CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?

    July 7, 2025
    Background and Confusion On June 17, 2025, Citrix published an advisory detailing CVE-2025-5777 and CVE-2025-5349. Affected products include: On June 25, 2025, they also published an advisory detailing CVE-2025-6543. Affected products include: Of the three vulnerabilities, two of them have been receiving a bit of buzz: While we’ve developed a working exploit for one of…
    Read More →
    Whitepapers

    Demonstrating DORA Resilience in the Financial Sector

    July 1, 2025
    Help financial services meet DORA compliance. Use NodeZero®️ to validate ICT resilience, test controls, and prove readiness
    Read More →
    Whitepapers

    Unmasking Risk: The CISO’s 100-Day Guide to Autonomous Testing, Security Validation, and CTEM

    July 1, 2025
    A practical 100-day guide for CISOs to mature security fast with autonomous testing and CTEM—prioritize risk, drive action, and stay ahead of threats.
    Read More →
    Whitepapers

    NodeZero Federal™ – Mission Proven Security

    Download the whitepaper to learn how NodeZero Federal™️ delivers FedRAMP High authorized, autonomous security testing—proven in national security missions.
    Read More →