
CVE-2025-7775: Memory Overflow Vulnerability in Citrix NetScaler ADC and Gateway

On August 26th, 2025, Citrix patched CVE-2025-7775, a memory overflow vulnerability in NetScaler ADC and Gateway appliances that allows unauthenticated remote code execution (RCE) and/or denial-of-service. This threat is confirmed to be actively exploited in the wild. Citrix strongly emphasized that no mitigations exist aside from applying the patch immediately.

Why Gartner Declared EASM Obsolete Before it Became Mainstream

Hint: EASM by itself is a means, not an end. In the rapidly evolving landscape of cybersecurity, few innovations have shown as much early promise as External Attack Surface Management (EASM). Its core value proposition, the ability to continuously discover, inventory, and monitor all internet-facing assets of an organization, was compelling from the start. Yet, despite its utility and adoption across multiple cybersecurity disciplines, Gartner recently declared EASM an obsolete standalone product category.

CVE-2025-54253 & CVE-2025-54254 in Adobe Experience Manager Forms - What You Must Know

Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE) has suffered two critical vulnerabilities, CVE-2025-54253 and CVE-2025-54254, disclosed in early August 2025. According to Adobe, both flaws carry public proof-of-concept (PoC) exploits, though there are no known in-the-wild attacks as of today.

Remote DNS Manipulation at Scale: How IONIX Uncovered 20,000 Malicious Subdomains from a Single Abused NS Record

Our threat-hunting team just uncovered a mass-produced remote DNS-manipulation campaign that hijacked an entire nameserver (NS) delegation belonging to a Fortune 500 company. Within hours, the attacker used that foothold to create over 9,500 brand-new subdomains, all resolving to the same criminal infrastructure serving illicit gambling pages.

How DevOps Teams Can Use IONIX for Zero-Fuss Daily Ops

Our DevOps environment moves fast. Cloud instances spin up and down. Containers launch and retire. New APIs appear without warning. Trying to track it all with scripts, spreadsheets, and one-off scans meant I often missed things. A TLS certificate would slip through. An open port would go unnoticed. I’d spend hours chasing down who owned an asset.

Are "Best-of-Breed" Cyber Security Products Reclaiming the Spotlight?

The cybersecurity industry has long been caught in the pendulum swing between platform consolidation and best-of-breed solutions. According to a recent Team8 CISO Village survey, that pendulum may be swinging back to best-of-breed after recent years in which consolidated platforms led the market. The survey reveals that 60% of CISOs now favor best-of-breed technologies over consolidated platforms.

CVE-2025-54309: Critical Admin Access Vulnerability in CrushFTP - What You Need to Know and Do

A critical remote code execution vulnerability, CVE-2025-54309, has been identified in CrushFTP server, impacting versions prior to 10.8.5 and 11.3.4_23. This vulnerability exists when the DMZ proxy feature is not in use. It stems from improper validation in the AS2 (Applicability Statement 2) protocol over HTTPS, allowing unauthenticated remote attackers to gain administrative access to the system.

Microsoft SharePoint CVE-2025-53770: Actively Exploited Remote Code Execution via Insecure Deserialization

Microsoft recently disclosed a critical remote code execution (RCE) vulnerability in Microsoft SharePoint Server, tracked as CVE-2025-53770. This flaw has been actively exploited in the wild, making it a high-priority concern for enterprises relying on SharePoint for content management and collaboration. In this blog, we’ll unpack the technical root of the vulnerability, how exploitation works, the risks posed, mitigation steps, and what to do if you think you may be impacted.

Introducing the IONIX & Cloudflare Integration: Complete External Exposure Management and Protection

Today, we’re excited to announce a powerful new integration between IONIX and Cloudflare that enables organizations to comprehensively govern, manage and secure their entire external attack surface with confidence.