Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes ingress controller. When exploited together, these vulnerabilities allow for configuration injection through the Validating Admission Controller.

If you are a mature organization, you might manage an external IP block of 65,000 IP addresses (equivalent to a /16 network). In contrast, very large organizations like Apple may handle an astonishing 16.7 million IP addresses or more (about a /8 network). However, this isn’t the case for many of us. IP addresses are fixed assets and can be costly, so most modern organizations do not have a large number of directly assigned IP addresses for every service they expose to the internet.

We are excited to announce Detectify Alfred, a revolutionary system that uses AI to completely autonomously collect and prioritize threat intelligence and generate high-fidelity security tests for the CVEs that are most likely to be exploited in the wild.