Security Practitioner

Learn how Horizon3.ai uncovered CVE-2025-34508 in ZendTo, allowing attackers to access sensitive files through a path traversal flaw.

Rewriting Cybersecurity Rules. Led by veterans and ethical hackers, Horizon3.ai's NodeZero platform is transforming how organizations defend against threats.

Discover how NodeZero's autonomous RAT operates, why credentials dominate post-exploitation, and what it means for your cyber defense.

Explore how a hard-coded JWT in Cisco IOS XE WLC enables unauthenticated file upload and potential RCE—and how to mitigate it.

Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.

Discover how NodeZero emulates real attackers to uncover critical attack paths, escalate access, and deliver proof—fast and autonomously.

DoD supply chain cyber threats are surging. Learn how CAPT helps suppliers find, fix & verify gaps with scalable, autonomous security testing.

Security leaders can’t afford blind spots. Learn why proving security effectiveness is now a must—and how to meet the Duty to Know.

CVE-2025-3248 is a critical code injection vulnerability affecting Langflow, a popular tool used for building out agentic AI workflows. This vulnerability is easily exploitable and enables unauthenticated remote attackers to fully compromise Langflow servers. The issue is patched in Langflow 1.3.0.

Spring updates are here! Explore NodeZero’s latest threat detection, pentest, and insights features—built to stay ahead of attackers.