Security Practitioner


    Mythos Didn’t Break Cybersecurity. It Exposed What Was Already Broken.

    April 17, 2026
    Mythos shows that finding vulnerabilities isn’t the problem—understanding exploitability and impact is what security teams are missing.

    Incident Response Remediation: How to Eliminate Attack Paths After a Breach

    April 8, 2026
    Digital threat monitoring shows threats and exposure—but not whether attackers can exploit your environment. Here’s what matters next.

    10 Minutes with Claude: Remote Code Execution in Apache ActiveMQ (CVE-2026-34197)

    April 7, 2026
    CVE-2026-34197 enables remote code execution in ActiveMQ via Jolokia. Exploitation chains VM transport and remote config loading.

    Best Tools for Digital Threat Monitoring and Cyber Threat Visibility

    April 1, 2026
    Digital threat monitoring reveals attacker activity and exposure across your environment—but does it show what’s actually exploitable?

    When Conflict Extends Into Cyberspace: What Security Leaders Should Expect

    March 16, 2026
    Iranian cyber operators are increasingly targeting critical infrastructure and enterprise systems. Here’s what security leaders should expect and how to prepare.

    Preemptive Exposure Management Is the Goal. Autonomous Attack Validation Is How You Get There.

    March 4, 2026
    Reacting to cyberattacks has never been a winning strategy. Most organizations know this, yet many still find themselves responding after the fact, investigating incidents, explaining impact, and rebuilding trust with leadership. What’s changed is a growing recognition that risk must be reduced before attackers act, not measured after the damage is done. That’s the promise…

    When “Read-Only” Isn’t: K8s nodes/proxy GET to RCE

    February 27, 2026
    A Kubernetes service account with “read-only” nodes/proxy GET permission can execute arbitrary commands across pods via the kubelet API. This post breaks down how WebSocket behavior turns monitoring access into cluster-wide RCE—and how NodeZero detects it.

    How Do I Choose the Best Pentesting Solution for My Business?

    February 25, 2026
    Choosing a penetration testing solution isn’t a box-checking exercise. When the approach doesn't fit the need, teams often waste budget and time while walking away with a false sense of security. A clean pentest report might look reassuring, but it doesn’t automatically mean defenses are effective or that risk is actually being reduced. A better…

    How Horizon3.ai’s NodeZero® Platform Supports the Realtime Evaluation of the Effectiveness of Zero Trust Functionality for the US Federal Government.

    February 5, 2026
    NodeZero® enables federal agencies to continuously validate Zero Trust controls in production environments, delivering real-time, adversary-driven proof aligned to FedRAMP, NIST, CMMC, and DoD Zero Trust mandates.

    CVE-2025-40551: Another SolarWinds Web Help Desk Deserialization Issue

    January 28, 2026
    CVE-2025-40551 details multiple chained vulnerabilities in SolarWinds Web Help Desk that allow unauthenticated attackers to achieve remote code execution on vulnerable instances.