🎓 Hackers are going back to school. Not to learn, but to exploit vulnerabilities. Enter CrowdSec’s latest drop: the Education Blocklist and Public Sector Blocklist, built to stop threats before they disrupt your operations. Here’s what you get: .• Real-time,

📣 1 day to go! Join us on July 24 at 5 PM CEST for a live session focused on Acquisition & Parsing. We’ll cover: .• How both processes work together .• Common troubleshooting tips .• What to check when things go wrong . Bring your questions, share your ideas, or simply hang

Last chance to share your feedback and win exclusive CrowdSec swag, including the alpaca plush! 🦙 . Our survey on how you use CrowdSec WAF and MISP closes tomorrow (23 July). Be sure to fill it out and include your email for a chance to win. 👉 Fill out the survey here:

RT @ITConnect_fr: Installer CrowdSec sur un pare-feu PfSense pour protéger son réseau

Sharing insights and taking swift action can collectively reduce the impact of these threats. This is your call to action for real-time threat intelligence and collaborative cybersecurity. For more information, visit (🧵6/6).

How to protect your systems.🔷 Patch: The specific remediation options depend on your device. We recommend checking the remediation section under the well-written post by @rapid7 for instructions for your specific device: 🔷 Preemptive blocking: Use.

Trend analysis. The vulnerability was disclosed by Rapid7 on the 25th of June 2025. CrowdSec has been tracking this vulnerability and its exploits since the 4th of July 2025. Insights from the CrowdSec Network reveal that the attackers trying to exploit CVE-2024-51977 are.

About the exploit. This vulnerability allows remote unauthenticated attackers to read sensitive information from the printer's local storage. Security company @rapid7 demonstrated that the information disclosed by CVE-2024-51977 can then be used to generate a valid administrator.

Key findings.🔷 CrowdSec has detected a broad scanning campaign trying to find and exploit affected printers since the 4th of July 2025. 🔷 As most devices cannot be fully patched, we expect this campaign to persist as botnets start picking up the vulnerability for their exploit

(🧵Thread) CVE-2024-51977: The New Vulnerability Turning over 750 Printer Models Into Botnets. The CrowdSec Network has detected a wave of exploitation attempts targeting CVE-2024-51977, affecting over 750 different printers from brands such as Brother, FUJIFILM, and Toshiba.

🛡️ Cyber threats are getting tougher. Regulators are getting stricter. The DORA regulation is reshaping how financial institutions must prepare for digital disruption. At CrowdSec, we help you meet this challenge with: .• Real-time threat detection across your infrastructure

Do you need an out-of-band and proactive WAF that actually keeps up? . Time to start using the CrowdSec WAF!  It’s lightweight, open source, and 100% free. Best of all, it… .✨ Scales with your infrastructure .✨ Imports your existing ModSecurity rules .✨ Fits right

📣 Partnership announcement!  . We are proud to share that we have partnered with @FiligranHQ, the company behind #OpenCTI, to deliver real-time, intelligence-driven cyber defense. 🤝 This collaboration is a major milestone in our shared mission: empowering defenders through

📢 Join us for the next CrowdSec Community Office Hours! . 📌 This month’s focus: Acquisition & Parsing .We’ll walk through how they work together, how to troubleshoot common issues, and what to check when things don’t behave as expected. 🗓️ July 24 | 🕒 5 PM CEST

Sharing insights and taking swift action can collectively reduce the impact of these threats. This is your call to action for real-time threat intelligence and collaborative cybersecurity. For more information, visit . Want to stay ahead of the.

How to protect your systems:. 🔹Patch: Patch your FortiWeb instance if it is publicly exposed; otherwise, remove outside access to the affected admin panel. 🔹Preemptive blocking: Use Crowdsec CTI to block IPs exploiting CVE-2025-25257 👉 🔹Stay proactive:.

Trend analysis:. 🔹CrowdSec detected the first in-the-wild exploitation of this vulnerability on July 11th, shortly after we rolled out detection rules. Using our wayback tools, we were able to establish that there were no exploitation attempts before July 11th, confirming once

About the exploit:. 🔹The Fortinet FortiWeb Fabric Connector is an integration component designed to enhance application security by linking FortiWeb web application firewalls (WAFs) with other elements of the Fortinet Security Stack. It enables policy enforcement and automated.

Key findings:. 🔹 A new SQL injection vulnerability in a FortiWeb component allows attackers to execute arbitrary code on the affected machine. 🔹CrowdSec has been tracking exploitation since the 11th of July 2025. 🔹Data from the CrowdSec network indicates that attacker interest.

(🧵Thread) In this week’s Threat Alert Newsletter: exploitation of CVE-2025-25257 in Fortinet’s FortiWeb Fabric Connector. We break down how the exploit works, what CrowdSec sees on the network, and steps to stay protected. Read more 👇. (🧵1/6).