Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

ionix

IONIX Unveils Parked Domain Classification

Apr 1, 2025 By Sahar Lazari In IONIX
IONIX is proud to announce the launch of our new Parked Domain Classification capability within our Exposure Management platform. This feature enables security teams to intelligently categorize and monitor parked domains as distinct assets, significantly reducing alert noise while maintaining comprehensive visibility across your entire domain portfolio.
Read Post
cycognito

Emerging Threat: Next.js CVE-2025-29927

Mar 27, 2025 By Emma Zaballos In CyCognito
A critical improper authorization vulnerability (CVSS 9.1) in Next.js, tracked as CVE-2025-29927, was publicly disclosed on March 21, 2025. Next.js is a popular React-based web framework used for building full-stack applications. This vulnerability impacts applications that utilize middleware for authorization checks. Middleware functions used to implement access control, session validation, redirects, or security headers on incoming HTTP requests.
Read Post
ionix

Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)

Mar 26, 2025 By Amit Sheps In IONIX
Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS.
Read Post
knocknoc

Knocknoc Raises Seed Funding to Scale Its Just-In-Time Network Access Control Technology

Mar 19, 2025 By Knocknoc
Sydney-based cybersecurity software company Knocknoc has raised a seed round from US-based venture capital firm Decibel Partners with support from CoAct and SomethingReal. The funding will support go-to-market, new staff, customer onboarding and product development. The company has appointed Adam Pointon as Chief Executive Officer. "The opportunity here is limitless," Pointon said. "You'd be hard pressed to find an organisation that couldn't benefit in some way from using Knocknoc.".
Read Post

Spotlight on Technology: Mastering Attack Surface Management with Censys

Mar 19, 2025 By Razorthorn In Razorthorn
In our latest episode, join me, James Rees, for a chat with Nick Palmer from Censys about the critical importance of attack surface management. With 25 years of experience in the industry, Nick explains how today's threat landscape has evolved dramatically, with attackers now discovering vulnerabilities within hours rather than weeks. We explore the challenges of maintaining visibility across expanding digital footprints, particularly with cloud adoption creating new blind spots for security teams.
View Video
ionix

Exploited! Apache Tomcat Path Equivalence Vulnerability (CVE-2025-24813)

Mar 12, 2025 By Amit Sheps In IONIX
Apache Tomcat recently disclosed a critical security vulnerability, CVE-2025-24813, affecting several versions of its widely used servlet container. This vulnerability arises from improper handling of path equivalence checks involving filenames with internal dots (file…txt). Exploitation could result in unauthorized information disclosure, file manipulation, and even remote code execution (RCE).
Read Post
sedara

How Sedara ASM Transforms Cybersecurity for Your Business

Mar 12, 2025 By Mohammed Hoque In Sedara
Cybersecurity has advanced beyond the reliance on firewalls and antivirus software. As cyber threats become more sophisticated and unpredictable, traditional security tools alone are no longer enough. Modern attacks exploit unknown, unmanaged, and overlooked assets, making Attack Surface Management (ASM) essential for a proactive and comprehensive defense.
Read Post
Arctic Wolf

What is Attack Surface Management?

Mar 11, 2025 By Arctic Wolf In Arctic Wolf
With the rise of hybrid work and software-as-a-service (SaaS) applications for core business functions, as well as the near ubiquity of the cloud, organizations’ attack surfaces are no longer easily defined. In many cases, they are rapidly expanding. This presents both new opportunities for threat actors and new challenges for security teams, giving rise to a new tactic for security posture improvement — attack surface management.
Read Post
bitsight

Prioritizing Critical Third-Party Assets to Protect Your Extended Attack Surface

Mar 4, 2025 By Amanda Ravanesi In BitSight
The enterprise attack surface now extends well beyond the network firewall. As a result, Third Party Risk Management Teams are increasingly becoming an extension of Security Operations Centers, responding in times of crisis to questions of who, what, and more urgently, how and when. The line between ‘their exposure’ and ‘our risk’ is almost non-existent. But bridging the gap between data and platforms can be challenging.
Read Post
ionix

Can Autonomous LLM Agents Exploit One Day Vulnerabilities?

Mar 3, 2025 By Fara Hain In IONIX
When generative AI first emerged, the cybersecurity community primarily focused on two promising benefits. However, a concerning “third angle” has now been demonstrated: AI as an attacker – powerful AI systems in the hands of malicious actors, autonomously exploiting vulnerabilities with minimal human guidance.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.