%term

CompassDRP Social Media integration: Six real-world use cases

Jul 15, 2025 By KrakenLabs In Outpost 24

Social media can work both for and against an organization, so it’s worth treating these sites as extensions of your attack surface. CompassDRP’s Social Media integration continuously monitors both corporate and employee profiles across platforms such as Twitter, LinkedIn, and Facebook. It automatically flags unauthorized or impersonating accounts that mimic executive identities or misuse company branding, helping to thwart phishing and fraud campaigns before they gain traction.

Read Post

Outpost 24

Read more about CompassDRP Social Media integration: Six real-world use cases

Vulnerability Impact Translation with Falcon Exposure Management

Jul 15, 2025 By CrowdStrike In CrowdStrike

This demo shows how Charlotte AI transforms raw vulnerability data from Falcon Exposure Management into a CISO-ready report. By pulling enriched insights from Next-Gen SIEM—like ExPRT.AI scores and asset criticality—the workflow translates technical signals into business risk. The result: a clear, automated email that highlights key trends, impacted systems, and actionable remediation paths. CrowdStrike Exposure Management.

View Video

CrowdStrike

Read more about Vulnerability Impact Translation with Falcon Exposure Management

Human + AI: The Next Era of Snyk's Vulnerability Curation

Jul 14, 2025 By Tal Dromi In Snyk

Years ago, we published the blog post, “Why do organizations trust Snyk to win the open source security battle?” which laid out the methodology and practices for building the Snyk Vulnerability Database.

Read Post

Snyk

Read more about Human + AI: The Next Era of Snyk's Vulnerability Curation

PoC Available for High-Severity Arbitrary File Write in Git CLI (CVE-2025-48384)

Jul 14, 2025 By Andres Ramos In Arctic Wolf

Arctic Wolf Customer, Proof-of-concept exploit code is now available for a high-severity arbitrary file write vulnerability in Git, which poses a risk to developers who regularly work with third-party code. If Git is used in your environment, we recommend reviewing this security bulletin and taking immediate steps to mitigate the risk.

Read Post

Arctic Wolf

Read more about PoC Available for High-Severity Arbitrary File Write in Git CLI (CVE-2025-48384)

How to Check AI-Generated Code for Vulnerabilities

Jul 13, 2025 By Snyk In Snyk

How to Check AI-Generated Code for Vulnerabilities.

View Video

Snyk

Read more about How to Check AI-Generated Code for Vulnerabilities

Autonomous Vulnerability Remediation: Securing Web & API Apps Instantly

Jul 11, 2025 By Indusface In Indusface

One-third of critical and high vulnerabilities remain open for 180+ days from the time they are discovered. When it comes to business growth vs security, business always wins by prioritizing features over vulnerabilities. This gives hackers enough time to exploit the vulnerabilities, putting the organization at risk. However, most of these vulnerabilities can be virtually patched within a few hours using solutions like AppTrana's SwyftComply, with zero impact on business continuity.

View Video

Indusface

Read more about Autonomous Vulnerability Remediation: Securing Web & API Apps Instantly

Exploiting Public APP_KEY Leaks to Achieve RCE in Hundreds of Laravel Applications

Jul 10, 2025 By Guillaume Valadon In GitGuardian

Laravel APP_KEY leaks enable RCE via deserialization attacks. Collaboration with Synacktiv scaled findings to 600 vulnerable applications using 260K exposed keys from GitHub. Analysis reveals 35% of exposures coincide with other critical secrets including database, cloud tokens, and API credentials.

Read Post

GitGuardian

Read more about Exploiting Public APP_KEY Leaks to Achieve RCE in Hundreds of Laravel Applications

CVE-2025-25257: Critical Unauthenticated SQL Injection Vulnerability in FortiWeb

Jul 10, 2025 By Andres Ramos In Arctic Wolf

On July 8, 2025, Fortinet released fixes for a critical vulnerability in FortiWeb that could allow an unauthenticated threat actor to execute SQL commands via crafted HTTP or HTTPS requests, tracked as CVE-2025-25257. The flaw lies in the Graphical User Interface (GUI) component and stems from improper neutralization of special elements used in SQL statements. The vulnerability was discovered by a security researcher and responsibly disclosed to Fortinet.

Read Post

Arctic Wolf

Read more about CVE-2025-25257: Critical Unauthenticated SQL Injection Vulnerability in FortiWeb

CVE-2025-47812: Wing FTP Server Remote Code Execution Vulnerability Exploited in the Wild

Jul 10, 2025 By Julian Tuin In Arctic Wolf

On July 10, 2025, a technical article was published by Huntress revealing that a maximum severity remote code execution vulnerability in Wing FTP Server, CVE-2025-47812, had been actively exploited by threat actors as early as July 1, 2025. Details of the vulnerability had originally been published on June 30, 2025, providing a comprehensive breakdown of the flaw and how to exploit it.

Read Post

Arctic Wolf

Read more about CVE-2025-47812: Wing FTP Server Remote Code Execution Vulnerability Exploited in the Wild

Charlotte AI - Agentic Workflows: Vulnerability Impact Translation

Jul 9, 2025 By CrowdStrike In CrowdStrike

Vulnerabilities pile up fast, but which ones truly matter to your business? With Charlotte AI Agentic Workflows, CrowdStrike turns overwhelming technical data into business-ready intelligence so you can prioritize what really counts. By pulling real-time vulnerability insights from Falcon Exposure Management, Charlotte AI evaluates what systems are at risk, how many users could be impacted, and what services or revenue streams are on the line. In this demo, you’ll see how AI-driven reasoning translates CVEs and severity scores into clear business impact, no manual analysis required.

View Video