Security Practitioner

Discover hidden cybersecurity risks from our 2025 report. Unfiltered insights on BAS, compliance pitfalls, third-party threats & more.

CrushFTP auth bypass (CVE-2025-2825) could grant attackers admin access. Learn IoCs & test exposure with NodeZero. Patch now!

Explore CVE-2025-30066 and CVE-2025-24813 with real-world data from Horizon3.ai to assess whether these vulnerabilities are truly critical or overhyped.

Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.

SimpleHelp remote support software is susceptible to critical vulnerabilities that could allow full takeover of SimpleHelp servers. Users of SimpleHelp should upgrade to the latest version ASAP.

This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.

This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.

Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats.

How Horizon3.ai's Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, Horizon3.ai developed and recently unveiled…

Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically.