Resource Center

Welcome to our cybersecurity resource center where we uncover how malicious actors exploit weaknesses in systems, while going beyond the technical aspects and examining real-world perspectives across various industries.

LATEST VULNERABILITIES

Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-11371

Gladinet CentreStack / Triofox Local File Inclusion (LFI) | 0-Day Active Exploitation
Read More →
Bomb Streamline Icon: https://streamlinehq.com

CVE-2025-20362 · CVE-2025-20333 · CVE-2025-20363

Cisco ASA / FTD WebVPN Vulnerabilities
Read More →

WEBINAR REPLAY

SEARCH

CATEGORIES

TAGS

    Blogs

    Securing the NodeZero® MCP Server: Building a Safe, Agent-Ready Runtime for Enterprises

    When we set out to build the first version of the NodeZero MCP Server, we had two guiding principles: Most Model Context Protocol (MCP) servers today are overpowered and underdefended. They often: We didn’t build ours that way. The NodeZero MCP Server is a constrained, API-native runtime designed to give agents safe, structured access to…
    Read More →
    Blogs

    Fix What Matters Most: Six New NodeZero® Capabilities That Redefine Risk-Based Vulnerability Management

    Vulnerability management started with scanning — identify assets, fingerprint software, and match scan findings to known CVEs. Then came “risk-based” approaches that promised smarter prioritization. But in practice, most programs still just patch what scores the highest. Risk is inferred, not proven. Fixes are assumed to work. And security teams are left guessing what actually…
    Read More →
    Blogs

    Vulnerability Management Is Broken: There is a Better Way

    July 28, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →
    Large crack across concrete with small ineffective bandaid placed on it
    Video

    Unlocking Next-Level Security with Horizon3.ai & Optiv

    Horizon3.ai and Optiv lead the charge in the ever-evolving, innovation demanding field of cybersecurity. Find out how in this webinar.
    Watch Now →
    Attack Blogs

    CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe?

    July 7, 2025
    Background and Confusion On June 17, 2025, Citrix published an advisory detailing CVE-2025-5777 and CVE-2025-5349. Affected products include: On June 25, 2025, they also published an advisory detailing CVE-2025-6543. Affected products include: Of the three vulnerabilities, two of them have been receiving a bit of buzz: While we’ve developed a working exploit for one of…
    Read More →
    Whitepapers

    Demonstrating DORA Resilience in the Financial Sector

    July 1, 2025
    Help financial services meet DORA compliance. Use NodeZero®️ to validate ICT resilience, test controls, and prove readiness
    Read More →
    Whitepapers

    Unmasking Risk: The CISO’s 100-Day Guide to Autonomous Testing, Security Validation, and CTEM

    July 1, 2025
    A practical 100-day guide for CISOs to mature security fast with autonomous testing and CTEM—prioritize risk, drive action, and stay ahead of threats.
    Read More →
    Whitepapers

    NodeZero Federal™ – Mission Proven Security

    Download the whitepaper to learn how NodeZero Federal™️ delivers FedRAMP High authorized, autonomous security testing—proven in national security missions.
    Read More →
    Factsheets

    NodeZero Federal

    June 27, 2025
    Horizon3.ai's NodeZero Federal provides production-safe, autonomous penetration testing for federal agencies. Achieve continuous readiness with proven, exploitable findings and rapid retest validation.
    Read More →
    Blogs

    Vulnerable vs. Exploitable: Why Understanding the Difference Matters to Your Security Posture

    June 25, 2025
    Scanning and patching aren't enough. Learn the critical difference between being vulnerable and being exploitable—and why it's the key to preventing real-world breaches.
    Read More →