Get up-to-the-minute zero-day exposure information on your assets and respond 3x faster to validated exploits.| IONIX
CVE-2025-20333: Authenticated RCE in Cisco ASA / FTD VPN Web Server. Summary: A high-severity vulnerability (CVSS 9.9) has been disclosed in the VPN web server component of Cisco Secure Firewall ASA and FTD software. An authenticated attacker (i.e. one possessing valid VPN credentials) can send specially crafted HTTP(S) requests that bypass input validation and lead to remote code execution as root. This means full device compromise...
Exposed AI Agents in the Wild: How a Public MCP Server Let Us Peek Inside Its Host. IONIX Finds and Fixes Exposed MCP Servers. Why we look for AI assets (and what MCP is): Modern enterprises run not only web apps and databases, but also AI agents and tooling servers. MCP (Model Context Protocol) is an interface pattern that exposes tools (functions the agent can call), such as a browser driver, accessibility checker, ...
CVE-2025-10035 Critical Remote Code Execution in Fortra GoAnywhere MFT. What is CVE-2025-10035? A new critical vulnerability, CVE-2025-10035, has been disclosed in Fortra’s GoAnywhere MFT, a widely used managed file transfer solution. The flaw lies in the License Servlet and allows unauthenticated attackers to achieve remote code execution (RCE) through crafted license responses. The vendor has rated this vulnerability as Critical (CVSS 10.0) due to...
IONIX uncovers blind spots of AI risk: experimental AI projects are being deployed without governance, bypassing the usual security reviews. These assets often remain connected to critical infrastructure, meaning what starts as a “temporary” experiment can quickly escalate into a major breach risk.
CVE-2025-42944 — Insecure Deserialization in SAP NetWeaver. Overview: The IONIX research team is tracking CVE-2025-42944, an insecure deserialization vulnerability affecting SAP NetWeaver AS Java’s RMI-P4 module, a critical issue warranting immediate attention. Sections: What’s at Risk? / Context & Why It Matters / Current State of Exploitation / IONIX Recommendations / Who Might Be Affected? / Final Take. Final Take: CVE-2025-42944 is a textbook example of how insecure deserialization can escalate...
Unauthenticated SS... Summary: A critical Server-Side Request Forgery (SSRF) vulnerability, CVE-2025-8085, has been discovered in the popular WordPress plugin “Ditty (News Ticker & Display Items)” for versions prior to 3.1.58. The issue resides in the displayItems REST API endpoint (wp-json/dittyeditor/v1/displayItems), which lacks authentication and authorization, allowing unauthenticated attackers to force the server to fetch arbitrary URLs, internal or external, via crafted...
No More Blind Spots: Detecting WAF / CDN Control Bypass in IONIX Exposure Management. In today’s digital landscape, web application security is more critical than ever. Most organizations rely on Cloud-Based Security Providers offering integrated Web Application Firewalls (WAFs) and Content Delivery Networks (CDNs) to shield their assets from direct exposure and attacks such as SQL injection, XSS, and DDoS. One of the most insidious threats is the origin...
Validating external reachability is not just a good practice, it is the bedrock of exposure management. Without proving what is actually reachable, you cannot know your true attack surface or prioritize what needs to be fixed first.
FreePBX Authentication Bypass Leading to SQL Injection and RCE (CVE-2025-57819). Overview: A new critical vulnerability has been identified in FreePBX, the widely adopted open-source, web-based graphical user interface for managing Asterisk PBX systems. Tracked as CVE-2025-57819, this flaw affects FreePBX versions 15, 16, and 17 and enables unauthenticated attackers to bypass administrator login controls. Once inside, threat actors can perform SQL Injection attacks that lead...
A zero-day vulnerability, CVE-2025-7775, has been disclosed in Citrix NetScaler ADC and Gateway appliances. This flaw is classified as a memory overflow vulnerability.
How DevOps Teams Can Use IONIX for Zero-Fuss Daily Ops
External Attack Surface Management (EASM) is a cybersecurity discipline that identifies and manages risk from the attacker's point of view.
Threat exposure management (TEM) is a cybersecurity practice focused on managing an organization’s digital attack surfaces, both internal and external.
Learn how exposure management improves vulnerability management by prioritizing real threats and addressing risks across the entire attack surface.
Minimize your attack surface & enhance your organization's security posture with IONIX. Protect your digital assets today.
Exploitability refers to the potential for an attacker to use a vulnerability to harm an organization.
Exposure management (EM) is an attacker-centric approach to identifying and addressing potential security risks to an organization’s IT assets.
Our mission at IONIX is to give security teams unmatched focus into what truly needs fixing, reducing external exposure by addressing high-impact exploitable vulnerabilities.
A critical remote code execution vulnerability, CVE-2025-54309, has been disclosed in CrushFTP, a popular managed file transfer (MFT) solution. This flaw allows unauthenticated remote attackers to gain full administrative access to vulnerable systems over HTTPS – without triggering authentication controls.
Learn about security misconfiguration vulnerabilities, ranked number 5 on the OWASP Top Ten list, including best practices for remediation.
Learn about the issues that security teams may face with vulnerability scanning, and what are considered some of the top vulnerability scanning tools in various categories.
Experience the power of IONIX's attack surface management solutions first-hand by booking a demo today.
Scan and map your organization’s assets, technologies and subsidiaries for a 360-degree view of your attack surface.
Enhance your cybersecurity strategy with IONIX's effective risk prioritization solutions. Learn how today.
Cyber Asset Attack Surface Management (CAASM) is a process for achieving complete visibility into an organization’s digital attack surfaces, both internal and external.
Learn everything you need to know about the interaction and key differences between an attack vector, attack surface, and attack path.
Explore the crucial relationship between attack surfaces and vectors in cybersecurity, and learn how to effectively secure your organization.
Gain unmatched visibility into all internet-facing assets - including infrastructure dependencies - with IONIX’s ML-based discovery engine.
Discover how IONIX and Cloudflare team up to uncover every internet-facing asset, validate WAF coverage, and close exposure gaps, so your web attack surface stays secure.
External attack surface management (EASM) is the practice of identifying and addressing potential attack vectors in an organization’s public-facing IT infrastructure.
Continuous Threat Exposure Management (CTEM) is a formalized process for identifying and remediating the most significant threats to a business.
Remediation represents the comprehensive process of addressing and resolving identified risks or threats within a cybersecurity landscape.
An attack surface is the sum of vulnerabilities, misconfigurations, and entry points that attackers can exploit to access a system or environment.
An attack surface is the sum total of all the various ways that a cyber threat actor could attack an organization.
A step-by-step guide to attack surface analysis and mapping using best practices, correct techniques and the right tools.
Attack surface management is the process of identifying, analyzing, and mitigating the potential vulnerabilities and attack vectors in a system or network.