Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Threat Context Monthly: Green Nailao & UNC3886 - Briefing for March 2025
Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team. Here’s what you need to know from March about espionage activities by threat actors Green Nailao and UNC3886.
Security Bulletin: Critical Vulnerabilities in Kubernetes Ingress NGINX Controller
CVE-2025-1974 is a critical remote code execution (RCE) vulnerability in Kubernetes’ Ingress-NGINX Controller that allows unauthenticated attackers with network access to inject arbitrary NGINX configuration directives, potentially leading to full cluster compromise. Ingress-NGINX is a software-only ingress controller provided by the Kubernetes project. Because of its versatility and ease of use, ingress-nginx is quite popular: it is deployed in over 40% of Kubernetes clusters.
How to Build a Mature Vulnerability Management Program
The terms “patch management” and “vulnerability management“ are not the same. And that difference is a big difference. They may be confused because applying patches is one of the many ways to mitigate cyber risks. However, it is one piece of the entire vulnerability management puzzle and organizations that do not realize this are burdened with a false sense of security.
How to use CSM Vulnerability Management
Learn how to detect and remediate container and host vulnerabilities using Cloud Security Management.
Exploited! Kentico Xperience Staging Service Authentication Bypass Vulnerabilities (CVE-2025-2746 & CVE-2025-2747)
Recently, two critical security flaws were discovered in Kentico Xperience 13, a popular digital experience platform (CMS). Tracked as CVE-2025-2746 and CVE-2025-2747, these vulnerabilities allow unauthenticated attackers to bypass the Staging Sync Server’s authentication, potentially gaining administrative control over the CMS.
Exploring AI for Vulnerability Investigation and Prioritisation
The sheer volume of cybersecurity vulnerabilities is overwhelming. In 2024, there were 39,998 CVEs — an average of 109.28 per day! This constant stream of new threats makes it increasingly difficult for security teams to keep up. Large Language Models (LLMs) offer a possible solution, helping automate vulnerability investigation and prioritisation, allowing teams to more efficiently assess and respond to emerging risks. Do you even have time to skim over 109 CVEs a day?
GPSec Boston 2025 - CTEM: How to Start When You Haven't Started
What does it really take to start a Continuous Threat Exposure Management (CTEM) program—especially if your organization hasn’t formally begun? In this GPSec Boston 2025 session, Scott Kuffer, COO and Co-founder of Nucleus Security, joins Chris Peltz, Director of Security Strategy at GuidePoint Security, to demystify CTEM by stripping away the buzzwords and breaking down the practical steps for getting started.
CVE-2025-1974: Critical Unauthenticated RCE Vulnerability in Ingress NGINX for Kubernetes
On March 24, 2025, ingress-nginx maintainers released fixes for multiple vulnerabilities that could allow threat actors to take over Kubernetes clusters. Ingress is a Kubernetes feature that defines how workload Pods are exposed to the network, while an Ingress Controller implements those rules by configuring the necessary local or cloud resources. According to Kubernetes, ingress-nginx is deployed in over 40% of Kubernetes clusters.