CyCognito Blog

Page 2 of 15
Research

Emerging Threat: Next.js CVE-2025-29927

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
March 27, 2025

CVE-2025-29927 is a critical authorization vulnerability (CVSS 9.1) in self-hosted Next.js applications using middleware, allowing attackers to bypass security checks with a crafted x-middleware-subrequest header. It affects versions 11.1.5 to 15.2.2, with patches available in newer releases. While there are no active exploits reported as of March 27, 2025, CyCognito has issued guidance to help organizations assess and mitigate exposure.

Go to the Post


Products

Dynamic IPs Are Breaking Security — Here’s How to Fix It

Shahar-Agmon
By Shahar Agmon
Product Manager at CyCognito
March 3, 2025

Managing cybersecurity with constantly changing IP addresses can feel like chasing a moving target. Dynamic IPs, such as from content delivery networks and load balancers, create security blind spots and reduce asset visibility. Without appropriate context and history, security teams waste time on noise while real threats go unnoticed. This blog explores the challenges of dynamic IPs and how CyCognito helps organizations cut through the clutter for clear, actionable security insights.

Go to the Post


Research

Emerging Threat: PAN-OS CVE-2025-0108

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
February 18, 2025

On February 12, 2025, Palo Alto Networks announced CVE-2025-0108, a high severity (8.8) authentication bypass vulnerability affecting Palo Alto Networks PAN-OS management web interface. This issue has a public PoC and is being actively exploited. CyCognito published an emerging threat advisory on this vulnerability within the CyCognito platform.

Go to the Post


Strategy

Security Risks in Internet-exposed SCADA in Manufacturing

Rob-Gurzeev
By Rob Gurzeev
CEO & Co-Founder
February 10, 2025

As manufacturing enterprises adopt digital transformation, integrating SCADA with cloud-based solutions introduces serious cybersecurity risks. This case study highlights how a Fortune 500 manufacturer inadvertently exposed SCADA systems to the internet, making them vulnerable to attacks. Traditional security tools failed to detect these exposures due to blind spots in asset inventory and reliance on predefined IP ranges. By leveraging external exposure management, the company identified and remediated these risks before exploitation. This incident underscores the need for continuous attack surface monitoring, risk-based prioritization, and automated asset discovery to secure operational technology (OT) environments against emerging threats.

Go to the Post


Research

Emerging Threat: Fortinet CVE-2024-55591

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
January 16, 2025

On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.8) authentication bypass vulnerability affecting FortiOS and FortiProxy. CVE-2024-55591 allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges. CyCognito is helping customers identify assets vulnerable to CVE-2024-55591.

Go to the Post


Research

Emerging Threat: Ivanti Connect Secure CVE-2025-0282 and CVE-2025-0283

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
January 13, 2025

Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. While both vulnerabilities involve similar buffer overflow mechanisms, only one allows unauthenticated remote code execution (RCE) and has been exploited in the wild. CyCognito customers can check their assets to identify if any are potentially vulnerable to these issues using filters available in the CyCognito dashboard.

Go to the Post


Research

Emerging Threat: Windows LDAP CVE-2024-49113

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
January 8, 2025

CVE-2024-49113 is a high severity unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Patching is recommended and vulnerable devices should be monitored for potential exploitation attempts.

Go to the Post


Research

Emerging Threat: Palo Alto PAN-OS CVE-2024-3393 

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
December 31, 2024

CVE-2024-3393 is a high severity Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. CyCognito has shared lists of potentially affected assets running PAN-OS with affected customers alongside a notification in-platform.

Go to the Post


Research

Emerging Threat: Apache Struts CVE-2024-53677

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
December 19, 2024

CVE-2024-53677 is a critical (9.5) remote code execution(RCE) vulnerability affecting popular open-source framework Apache Struts. Affected organizations are encouraged to upgrade to Struts 6.4.0 or greater and/or migrate to the new file upload mechanism. This vulnerability is actively being exploited and poses significant danger to enterprise organizations in both the public and private sectors.

Go to the Post


Strategy

Need to boost the value of your security budget in 2025? Here’s how.

Jason-Pappalexis
By Jason Pappalexis
Sr. Technical Marketing Manager
December 16, 2024

This post guides CISOs and cybersecurity managers on maximizing testing value despite tight budgets. It defines security testing program value and provides examples of areas to reduce costs and increase effectiveness. A walkthrough for an organization using vulnerability scanning, app sec, manual pen testing, security ratings and bug bounties is included.

Go to the Post


Older PostsNewer Posts

Topics


Search the Blog



Featured Posts

Emma Zaballos
A New Framework: Understanding Exposure Management 
By Emma Zaballos
November 11, 2024
Jason Pappalexis
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Jason Pappalexis
Think your attack surface is covered? Let’s look at the math.
By Jason Pappalexis
September 30, 2024
Emma Zaballos
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Graham Rance
Web Application Security Testing: Struggles, Shortfalls and Solutions
By Graham Rance
June 3, 2024


Top Tags


Stay informed

Subscribe to the Blog

Subscribe now to get the latest insights delivered straight to your inbox.

CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.

Request a Scan