💭 Did you know? ⟶ CrowdSec Threat Intelligence updates every 10 minutes. 💡CrowdSec lets you act on real-time intelligence, not yesterday's headlines. Learn more: . #threatintelligence #cybersecurity #infosec

Sharing insights and taking swift action can collectively reduce the impact of these threats. This is your call to action for real-time threat intelligence and collaborative cybersecurity. For more information, visit . (🧵6/6).

How to protect your systems. 🔹Patch: If you are using middleware-based authentication, upgrade to a patched version of Next.js if you have not already done so. 🔹Stay proactive: Install the Crowdsec Web Application Firewall to stay ahead of exploit attempts, with 100+ virtual.

Trend analysis. The vulnerability was disclosed by Vercel on the 10th of March 2025. CrowdSec has been tracking this vulnerability and its exploits since the 24th of March. Insights from the CrowdSec Network reveal that the attackers trying to exploit CVE-2025-29927 are composed

About the exploit. This vulnerability allows remote, unauthenticated attackers to bypass authentication requirements in Next.js web applications. The flaw occurs in configurations where the authentication is handled by middleware and not checked by other components. Depending on.

Key findings. 🔹CVE-2025-29927 was disclosed on the 10th of March 2025 and has been tracked by CrowdSec since the 24th of March. 🔹CVE-2025-29927 has seen few attackers for the past three months, most observed signals came from known vulnerability scanners. 🔹CrowdSec has now

(🧵Thread) 🔎 In this week’s Threat Alert Newsletter: CVE-2025-29927, an authentication bypass in Next.js is drawing fresh attention from attackers. CrowdSec CTI has observed a sharp uptick in exploitation attempts across our global network. We break down why this 3-month-old

💭 Did you know? ⟶ CrowdSec's CTI database holds detailed behavior profiles for over 50 million IPs. 💡 It goes beyond simple reputation feeds and gives your SOC team real context like attack methods, frequency, targets, and geolocation. You can explore the behavior

Looking for a self-hosted, privacy-respecting way to expose internal services, without sacrificing security? 🤔. #Pangolin lets you tunnel traffic through a reverse proxy you fully control. And when combined with CrowdSec, it becomes much more than a Cloudflare Tunnel.

RT @l_onnipotente: CrowdSec.Proteggere scuole e PA con le blocklist. @Crowd_Security #opensource #sicurezza #UnoO….

Explore how @Suricata_IDS and CrowdSec work together in this webinar replay hosted by CrowdSec ambassador @flaviuvlaicu. You'll get a step-by-step walkthrough of the integration and a deep dive into best practices. Whether you're a security professional, DevOps engineer,.

🎉 At CrowdSec, we rely on @MongoDB to power our solution. Its speed, flexibility, and reliability help us deliver real-time protection at scale, keeping our community safe from evolving cyber threats. Learn more 👉 #CrowdSec #MongoDB  #CyberSecurity.

Sharing insights and taking swift action can collectively reduce the impact of these threats. This is your call to action for real-time threat intelligence and collaborative cybersecurity. For more information, visit . (🧵6/6).

How to protect your systems. 🔹Patch: Apply the emergency security updates immediately. Microsoft has released patches for all affected versions. 🔹Preemptive blocking: Use CrowdSec CTI to block IPs exploiting CVE-2025-53770 and monitor upcoming CVEs using the Trend Explorer.

Trend Explorer. The vulnerability was actively exploited starting 18 July 2025, shortly after researchers published details about the ToolShell attack chain. At this time, The Hacker News reported that more than 85 servers were compromised globally. On 21 September, we started.

About the exploit:. CVE-2025-53770 is a deserialization vulnerability in Microsoft SharePoint Server that allows unauthenticated attackers to execute arbitrary code. The vulnerability is essentially a bypass for the patches Microsoft released in July 2025 for CVE-2025-49704 and.

Key findings. 🔹Critical CVSS score: CVE-2025-53770 carries a CVSS score of 9.8, enabling unauthenticated remote code execution through deserialization of untrusted data. 🔹Crowdsec CTI: Has flagged more than 115 machines scanning for this exploit at a vast scale across our

(🧵Thread) CVE-2025-53770: Find out the Actors behind the Critical Microsoft SharePoint Vulnerability Exploitation. CrowdSec CTI has flagged 115+ IPs scanning for this flaw across our global network. We break down how the attack works, who’s behind it and how to stay protected 👇

💭 Did you know? ⟶ CrowdSec Platinum Blocklists can block 92% of malicious traffic at the edge before it ever reaches your WAF or application layer. 💡That means fewer alerts, fewer resources wasted, and fewer breaches. Learn more: . #blocklists

🎓 Hackers are going back to school. Not to learn, but to exploit vulnerabilities. Enter CrowdSec’s latest drop: the Education Blocklist and Public Sector Blocklist, built to stop threats before they disrupt your operations. Here’s what you get: .• Real-time,