Exploitation of CVE-2025-32433 in Erlang/OTP is active. Multiple campaigns and varied payloads highlight the need for urgent patching.| TXOne Networks
In this post, we review the security breaches experienced by these companies and assess how an Attack Surface Management (ASM) solution...| CIP Blog
By Dan Cartmill, Senior Director Global Product Marketing | TXOne Networks TXOne Networks has been recognized as an “Innovator” in the 2025 IT/OT Network Protection Platform Navigator, released by Westlands Advisory. This report highlights how TXOne addresses the most pressing cybersecurity challenges facing industrial organizations today, all without disrupting operations. Urgent Market Requirements Demand... The post Westlands Advisory Recognizes TXOne Networks as ‘Inn...| TXOne Networks
In July 2025, proof-of-concept (PoC) code for a memory leak vulnerability (CVE-2025-5777) affecting Citrix NetScaler ADC and Gateway appliances was publicly released. Since then, exploitation attempts targeting these devices have increased significantly worldwide. This vulnerability poses a significant risk as it allows unauthorized attackers to leak sensitive information directly from memory, similar to the [...] The post CitrixBleed 2 (CVE-2025-5777) Mitigation: A Guide to Detecting Expos...| CIP Blog
Nation-state cyber warfare has evolved beyond simple data theft into a complex threat that can paralyze critical infrastructure. For over a decade, Israel and Iran have engaged in a series of cyber confrontations, turning cyberspace into a battlefield as intense as any physical conflict. Notable incidents—such as Stuxnet, which disabled Iran’s nuclear facilities, and cyberattacks targeting Israel’s [...] The post Israel–Iran Digital Warfare: National Cyber Attack Surface Analysis Us...| CIP Blog
Phishing attack post shared by David Zhang on X [Source: https://x.com/dazhengzhang/status/1937773747068682432]. On June 25, 2025, David Zhang, co-founder of the stablecoin platform Stably and the public grant protocol dTRINITY, revealed a highly sophisticated phishing attack in a post on X (formerly Twitter). Unlike traditional phishing that simply lures victims into clicking malicious links, this attack used social engineering techniques that impersonated a [...] The post North Korea...| CIP Blog
We introduce hands-on examples of how to use Criminal IP's Tag and Filter functions to uncover real-world attack infrastructure.| CIP Blog
This post introduces the key details and threat of CVE-2025-49113 and a CTI-based method for detecting externally exposed Roundcube servers. A Criminal IP search returns 56,225 Roundcube instances.| CIP Blog
We’ll introduce practical search queries using Criminal IP’s Tag and Filter system to explore real-world malicious infrastructure.| CIP Blog
This post examines the affected versions, potential impacts, and CTI-driven strategies to monitor and defend against the...| CIP Blog
It covers the threat of cryptocurrency mining malware that exploits exposed Docker API port 2375, along with CTI-based response strategies.| CIP Blog
CVE-2025-31324 is a SAP NetWeaver vulnerability that may lead to server hijacking and RCE via unrestricted file uploads.| CIP Blog
Among over 90 threat intelligence platforms used to analyze a specific IP address involved in a hacking attack, only Criminal IP identified it as malicious. This article presents a real-world case that highlights Criminal IP’s advanced technology for detecting malicious infrastructure.| CIP Blog
This article reviews the Erlang/OTP SSH vulnerability (CVE-2025-32433) and explains how to detect exposed servers via Criminal IP Asset Search, offering actionable response strategies.| CIP Blog
A brief overview of the Next.js middleware authentication bypass vulnerability (CVE-2025-29927), threat hunting insights using Shodan and Criminal IP, and practical security countermeasures.| CIP Blog
This article explores Chimmed and Rusmedtorg’s operations and details how Criminal IP Asset Search and Criminal IP Domain Search...| CIP Blog
Cases of malware distribution through phishing websites exploiting DeepSeek's popularity, leading to increased use of...| CIP Blog
This article explores the exploitation of the CVE-2023-30799 vulnerability, the botnet formation process, and the importance of...| CIP Blog
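This post examines whether two vulnerabilities can be exploited, and with what impact, in CleanTalk, an anti-spam plugin that was installed for security but ended up threatening site security instead, and shows how to use threat-hunting tools to find sites actually affected by the vulnerable WordPress plugin.| CIP Blog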
Oracle WebLogic vulnerability CVE-2020-2883, demonstrates its potential dangers through a proof of concept (PoC), and emphasizes...| CIP Blog
Changes to Credit Allocations by Criminal IP Plan On April 1, 2025, we will change the number of credits available for each plan across four categories.| CIP Blog
Prometheus, an open-source monitoring and alerting toolkit, is widely used by organizations for its robust functionalities. However...| CIP Blog
This article explores how to identify devices vulnerable to these PAN-OS exploits using the attack surface-based threat intelligence (TI)...| CIP Blog
[Criminal IP vs. Shodan: A Comparative Analysis of CVE Data] This article compares and analyzes the CVE data from Criminal IP and Shodan.| CIP Blog
In this article, we discuss the malware distribution of TAG-112 via Cobalt Strike, analysis of domains used in the attack and response plans.| CIP Blog
This article explores how to check for IP camera hacking threats linked to your IP address. Internet-connected IP cameras are widely...| CIP Blog
A newly discovered vulnerability, CVE-2024-10443, has been found in Synology’s NAS (Network Attached Storage) systems. This zero-click...| CIP Blog
A critical security vulnerability (CVE-2024-37383) has been identified in the Roundcube webmail platform, allowing attackers to steal user...| CIP Blog
It has been a month since vulnerabilities were discovered in DrayTek routers. Initially, 700,000 DrayTek routers were confirmed to be...| CIP Blog
In support of Cybersecurity Awareness Month 2024, Criminal IP provides cybersecurity tips and resources to enhance your digital security.| CIP Blog
Exploring how CVE-2024-43044 can be exploited, the devices affected, and how to identify exposed Jenkins devices using threat-hunting tools.| CIP Blog
We will analyze a recent trend in financial software attacks where Quasar RAT is distributed using Home Trading System...| CIP Blog
On May 8, 2024, a serious remote code execution (RCE) vulnerability 'CVE-2024-29212' was discovered in Veeam's VSPC (Veeam Service Provider Console).| CIP Blog
We searched for devices affected by the Fortinet RCE bug vulnerability, CVE-2024-21762, using Criminal IP. Over 340,000 servers are exposed.| CIP Blog
In the future, we plan to elevate the usage of certain features within Criminal IP by enhancing our paid plan policy.| CIP Blog