New in NodeZero®

Additional visibility into Iranian-backed threat actor activity | Available now to all customers

Security Practitioner

SEARCH

CATEGORIES

TAGS

    Attack Blogs, Disclosures

    Ivanti Endpoint Manager – Multiple Credential Coercion Vulnerabilities

    February 19, 2025
    Critical Ivanti Endpoint Manager vulnerabilities revealed—learn about CVE exploits and mitigation.
    Read More →
    Attack Blogs, Disclosures

    Critical Vulnerabilities in SimpleHelp Remote Support Software

    January 13, 2025
    SimpleHelp remote support software is susceptible to critical vulnerabilities that could allow full takeover of SimpleHelp servers. Users of SimpleHelp should upgrade to the latest version ASAP.
    Read More →
    Attack Blogs, Disclosures

    NTLM Credential Theft in Python Windows Applications

    August 23, 2024
    This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.
    Read More →
    Attack Blogs, Disclosures

    Traccar 5 Remote Code Execution Vulnerabilities

    August 23, 2024
    This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.
    Read More →
    Blogs

    Mastering Cloud Security: Uncovering Hidden Vulnerabilities with NodeZero™

    August 21, 2024
    Master cloud security with NodeZero™ Cloud Pentesting. Easily uncover vulnerabilities across AWS and Azure, prioritize identity risks, and secure your environment in just minutes. Stay ahead of threats.
    Read More →
    Blogs

    Ensuring Cybersecurity: Horizon3.ai’s Rapid Response Service in Action

    July 10, 2024
    How Horizon3.ai's Rapid Response Identified and Mitigated a Critical Mirth Connect Vulnerability A key consideration in cybersecurity is determining whether a known software vulnerability is actually exploitable. This often depends on how and where the at-risk software is deployed in your environment. To address the need to find what’s exploitable, Horizon3.ai developed and recently unveiled…
    Read More →
    Blogs

    Enhancing Vulnerability Management: Integrating Autonomous Penetration Testing

    June 17, 2024
    Traditional vulnerability scanning tools are enhanced with NodeZero's autonomous penetration testing, revolutionizing Vulnerability Management by providing comprehensive risk assessment, exploitability analysis, and cross-host vulnerability chaining, empowering organizations to prioritize and mitigate security weaknesses strategically.
    Read More →
    Attack Blogs, Disclosures

    Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces

    June 14, 2024
    This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces platform after a recently reported potential breach.
    Read More →
    Video

    Fireside Chat: Horizon3.ai and LYT.

    DoD supply chain cyber threats are surging. Learn how CAPT helps suppliers find, fix & verify gaps with scalable, autonomous security testing.
    Watch Now →
    Factsheets

    Get Ahead of Emerging Threats with Horizon3.ai’s Rapid Response Service

    April 30, 2024
    In the ever-evolving landscape of cybersecurity, the speed of your response to emerging cyber threats can be the difference between a minor security incident and a catastrophic breach. Horizon3.ai provides you with a strategic advantage by enabling preemptive action in the steadily shrinking window of time between the public disclosure of a vulnerability and its…
    Read More →