From Starlink to Star Wars: The Real Cyber Threats in Space πΈ
Satellites now prop up navigation, finance, aviation, weather, even battlefields β and that makes them prime targets. Our new piece maps how space systems are attacked across the ground, link, and space segments, what went wrong in real incidents, and which controls actually help. No, itβs not the Death Star you should fear β itβs the dish on your roof. These are not the packets youβre looking for.
Whatβs inside:
π Mega-constellations & dependencies: why thousands of LEO nodes + private networks raise systemic risk.
π° Anatomy of a satellite: bus, payload, TT&C β and where command hijack, unpatched firmware, and telemetry tampering creep in.
π‘ Ground first: supply-chain compromise, phishable ops networks, and user-terminal takeover.
πRF attacks: jamming, spoofing, and cheap SDR eavesdropping turning βspace-onlyβ data into low-cost targets.
πCase studies you can brief with: Viasat KA-SAT (AcidRain) and Landsat/Terra ground-station intrusions β play-by-play included.
π Read now: https://netlas.io/blog/space_cyber_threats/
Satellites now prop up navigation, finance, aviation, weather, even battlefields β and that makes them prime targets. Our new piece maps how space systems are attacked across the ground, link, and space segments, what went wrong in real incidents, and which controls actually help. No, itβs not the Death Star you should fear β itβs the dish on your roof. These are not the packets youβre looking for.
Whatβs inside:
π Mega-constellations & dependencies: why thousands of LEO nodes + private networks raise systemic risk.
π° Anatomy of a satellite: bus, payload, TT&C β and where command hijack, unpatched firmware, and telemetry tampering creep in.
π‘ Ground first: supply-chain compromise, phishable ops networks, and user-terminal takeover.
πRF attacks: jamming, spoofing, and cheap SDR eavesdropping turning βspace-onlyβ data into low-cost targets.
πCase studies you can brief with: Viasat KA-SAT (AcidRain) and Landsat/Terra ground-station intrusions β play-by-play included.
π Read now: https://netlas.io/blog/space_cyber_threats/
netlas.io
From Starlink to Star Wars - The Real Cyber Threats in Space - Netlas Blog
Explores how AI, cyber attacks and megaconstellations turn satellites into critical targets β and why securing space infrastructure is urgent.
π₯3πΎ3π1
CVE-2025-64656, -64657: Two vulnerabilitites in Azure Application Gateway, 9.4 - 9.8 rating π₯
Among the vulnerabilities recently published by Microsoft are Stack-based Buffer Overflow and Out-of-bounds Read, which allow an attacker to escalate privileges.
Search at Netlas.io:
π Link: https://nt.ls/2xeMm
π Dork: http.headers.server:"Azure Application Gateway"
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64657
Among the vulnerabilities recently published by Microsoft are Stack-based Buffer Overflow and Out-of-bounds Read, which allow an attacker to escalate privileges.
Search at Netlas.io:
π Link: https://nt.ls/2xeMm
π Dork: http.headers.server:"Azure Application Gateway"
Vendor's advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-64657
πΎ4π₯1
π§ Planned Maintenance π§
An application will be unavailable for a period of timeβοΈ
On Thursday, November 27, 2025, at 09:00 UTC β°, a major update will be implemented, which will also require changes to the structure of the Netlas databases. This will take several hours, during which time the service will be down. Our team will do everything possible to complete this task as quickly as possible.
Please remember to save your work before this time.
An application will be unavailable for a period of timeβοΈ
On Thursday, November 27, 2025, at 09:00 UTC β°, a major update will be implemented, which will also require changes to the structure of the Netlas databases. This will take several hours, during which time the service will be down. Our team will do everything possible to complete this task as quickly as possible.
Please remember to save your work before this time.
π3
CVE-2024-9183, -12571, and other: Multiple vulnerabilities in GitLab, 2.4 - 7.7 ratingβοΈ
In a recent advisory, GitLab reports several vulnerabilities, including Race Conditions, DoS, and Authentication Bypass.
Search at Netlas.io:
π Link: https://nt.ls/IH1NS
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/11/26/patch-release-gitlab-18-6-1-released/
In a recent advisory, GitLab reports several vulnerabilities, including Race Conditions, DoS, and Authentication Bypass.
Search at Netlas.io:
π Link: https://nt.ls/IH1NS
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2025/11/26/patch-release-gitlab-18-6-1-released/
πΎ4
Netlas.io
π§ Planned Maintenance π§ An application will be unavailable for a period of timeβοΈ On Thursday, November 27, 2025, at 09:00 UTC β°, a major update will be implemented, which will also require changes to the structure of the Netlas databases. This will takeβ¦
βοΈ Maintenance Update βοΈ
Due to additional testing, the update has been postponed to Friday, November 28, 2025, at 08:00 UTC β°.
Please remember to save your work before this time.
Due to additional testing, the update has been postponed to Friday, November 28, 2025, at 08:00 UTC β°.
Please remember to save your work before this time.
π3
Netlas is back online π
Weβve just finished rolling out Netlas v1.4.0 β a major upgrade that took a bit longer than expected, but itβs now live and ready to use.
Hereβs whatβs new:
π§ Discovery Tool: significantly improved UI and reworked flow β discovery now runs in the background so you can keep exploring your attack surface while data is being fetched.
π Port coverage: public scans now cover 1,000+ ports for broader visibility into exposed services.
π Tech detection: improved HTTP software detection; the next public scan will include 6,000+ application and technology names.
π CVE mapping: completely redesigned mapping via CPEs and product names, plus a new sortable, filterable vulnerabilities table in the UI.
π¦ Private Scanner: major data storage redesign after a year of intensive use, improving reliability and paving the way for future features.
π API change: when using the indices parameter, you now pass the scan label instead of its numeric ID.
Thanks a lot for your patience and support β it helped us get this release over the line.
π Full changelog and migration details: https://docs.netlas.io/changelog/
Weβve just finished rolling out Netlas v1.4.0 β a major upgrade that took a bit longer than expected, but itβs now live and ready to use.
Hereβs whatβs new:
π§ Discovery Tool: significantly improved UI and reworked flow β discovery now runs in the background so you can keep exploring your attack surface while data is being fetched.
π Port coverage: public scans now cover 1,000+ ports for broader visibility into exposed services.
π Tech detection: improved HTTP software detection; the next public scan will include 6,000+ application and technology names.
π CVE mapping: completely redesigned mapping via CPEs and product names, plus a new sortable, filterable vulnerabilities table in the UI.
π¦ Private Scanner: major data storage redesign after a year of intensive use, improving reliability and paving the way for future features.
π API change: when using the indices parameter, you now pass the scan label instead of its numeric ID.
Thanks a lot for your patience and support β it helped us get this release over the line.
π Full changelog and migration details: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
β€3π₯3π2πΎ2
Weβve just shipped Netlas Python SDK v0.8.0 πβ¨
This update brings more reliable downloads, refreshed stats handling, and broader SDK coverage β including new Discovery/Mapping methods, improved Scanner and Datastore tools, and a couple of nice usability touches in both profiles and the CLI.
π Check full changelog here: https://docs.netlas.io/changelog/
This update brings more reliable downloads, refreshed stats handling, and broader SDK coverage β including new Discovery/Mapping methods, improved Scanner and Datastore tools, and a couple of nice usability touches in both profiles and the CLI.
π Check full changelog here: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
π₯4β€2πΎ2
CVE-2025-11699: Insufficient Session Expiration in nopCommerce, 7.1 ratingβοΈ
Because some versions of nopCommerce do not clear cookies, an attacker who gains access to someone else's cookie can use it to hijack a session or escalate privileges.
Search at Netlas.io:
π Link: https://nt.ls/6rFG4
π Dork: http.meta:"nopCommerce"
Read more: https://seclists.org/fulldisclosure/2025/Aug/14
Because some versions of nopCommerce do not clear cookies, an attacker who gains access to someone else's cookie can use it to hijack a session or escalate privileges.
Search at Netlas.io:
π Link: https://nt.ls/6rFG4
π Dork: http.meta:"nopCommerce"
Read more: https://seclists.org/fulldisclosure/2025/Aug/14
πΎ5
CVE-2025-55182: RCE in React Server Components, 10.0 rating π₯π₯π₯
The code of vulnerable components insecurely deserializes HTTP requests, which could allow an attacker to perform RCE.
Search at Netlas.io:
π Link: https://nt.ls/lg3gz
π Dork: tag.name:"react"
Vendor's advisory: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
The code of vulnerable components insecurely deserializes HTTP requests, which could allow an attacker to perform RCE.
Search at Netlas.io:
π Link: https://nt.ls/lg3gz
π Dork: tag.name:"react"
Vendor's advisory: https://react.dev/blog/2025/12/03/critical-security-vulnerability-in-react-server-components
π₯8πΎ4
CVE-2025-66399: Command Injection in Cacti, 7.4 ratingβοΈ
A vulnerability in the SNMP component of Cacti could allow an authenticated attacker to perform RCE.
Search at Netlas.io:
π Link: https://nt.ls/VJyxC
π Dork: http.title:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Vendor's advisory: https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
A vulnerability in the SNMP component of Cacti could allow an authenticated attacker to perform RCE.
Search at Netlas.io:
π Link: https://nt.ls/VJyxC
π Dork: http.title:"Login to Cacti" OR http.headers.set_cookie:"Cacti"
Vendor's advisory: https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
πΎ7
π The Evolution of C2: Centralized to On-Chain
We map how C2 moved from IRC and web panels to DGAs, P2P, fast-flux, abuse of legit cloud platforms, and now smart-contract C2 on public blockchains β with concrete detection playbooks.
Whatβs inside:
1. The lineage: IRC β HTTP/HTTPS β DGA & P2P β fast-flux β cloud/βlegitβ platforms β blockchain contracts.
2. Why on-chain C2 matters: immutable contracts, pseudonymous wallets, and payload retrieval over public RPC.
3. Trade-offs: resilience vs latency, and how transparency enables forensics even as takedowns get harder.
4. Practical detection: block JSON-RPC egress to public providers, use TLS/JARM and beacon-timing patterns, and watch for DNS tunneling.
π Read now: https://netlas.io/blog/evolution_of_c2_infrastructure/
We map how C2 moved from IRC and web panels to DGAs, P2P, fast-flux, abuse of legit cloud platforms, and now smart-contract C2 on public blockchains β with concrete detection playbooks.
Whatβs inside:
1. The lineage: IRC β HTTP/HTTPS β DGA & P2P β fast-flux β cloud/βlegitβ platforms β blockchain contracts.
2. Why on-chain C2 matters: immutable contracts, pseudonymous wallets, and payload retrieval over public RPC.
3. Trade-offs: resilience vs latency, and how transparency enables forensics even as takedowns get harder.
4. Practical detection: block JSON-RPC egress to public providers, use TLS/JARM and beacon-timing patterns, and watch for DNS tunneling.
π Read now: https://netlas.io/blog/evolution_of_c2_infrastructure/
netlas.io
The Evolution of C2: Centralized to On-Chain - Netlas Blog
How C2 moved from centralized servers to blockchain contracts. Resilience, trade-offs, real cases, and practical detection via RPC filtering and on-chain analysis.
πΎ3π₯2
CVE-2025-14265: Download of Code Without Integrity Check in ScreenConnect, 9.1 rating π₯
A server-side vulnerability could allow an authenticated attacker to execute custom code or access configuration data.
Search at Netlas.io:
π Link: https://nt.ls/1JSOa
π Dork: http.headers.server:"ScreenConnect"
Vendor's advisory: https://www.connectwise.com/company/trust/security-bulletins/screenconnect-2025.8-security-patch
A server-side vulnerability could allow an authenticated attacker to execute custom code or access configuration data.
Search at Netlas.io:
π Link: https://nt.ls/1JSOa
π Dork: http.headers.server:"ScreenConnect"
Vendor's advisory: https://www.connectwise.com/company/trust/security-bulletins/screenconnect-2025.8-security-patch
πΎ7
CVE-2025-14733: Out-of-bounds Write in WatchGuard, 9.1 rating π₯
A vulnerability in Fireware OS allows a remote unauthenticated user to execute arbitrary code.
Search at Netlas.io:
π Link: https://nt.ls/jooF2
π Dork: http.favicon.hash_sha256:9560bc07784890efa36dc4636b6d5f091059914bb5cb8941d00c5b47646efb8c
Read more: https://github.com/advisories/GHSA-hv82-jj64-jf47
A vulnerability in Fireware OS allows a remote unauthenticated user to execute arbitrary code.
Search at Netlas.io:
π Link: https://nt.ls/jooF2
π Dork: http.favicon.hash_sha256:9560bc07784890efa36dc4636b6d5f091059914bb5cb8941d00c5b47646efb8c
Read more: https://github.com/advisories/GHSA-hv82-jj64-jf47
πΎ4
CVE-2025-68385: Cross-site Scripting in Kibana, 7.2 ratingβοΈ
A vulnerability in the Vega renderer could allow an authenticated attacker to perform XSS injection.
Search at Netlas.io:
π Link: https://nt.ls/XGTPX
π Dork: http.unknown_headers.key:"kbn_name"
Vendor's advisory: https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182
A vulnerability in the Vega renderer could allow an authenticated attacker to perform XSS injection.
Search at Netlas.io:
π Link: https://nt.ls/XGTPX
π Dork: http.unknown_headers.key:"kbn_name"
Vendor's advisory: https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182
πΎ4
ππ
πΌβοΈ Netlas v1.5.1
We introduce Daily Internet Scan Data Snapshots β time-bounded datasets containing all scan results collected within a 24-hour period.
Plus:
π·οΈ improved technology tags
π visual mapping hints
π Check full changelog here: https://docs.netlas.io/changelog/
We introduce Daily Internet Scan Data Snapshots β time-bounded datasets containing all scan results collected within a 24-hour period.
Plus:
π·οΈ improved technology tags
π visual mapping hints
π Check full changelog here: https://docs.netlas.io/changelog/
docs.netlas.io
Changelog - Netlas Docs
Explore the latest updates, enhancements, and fixes on the Netlas platform. Stay informed with our Changelog for all product and feature developments.
π₯6π1
βοΈTechnical Issue AlertβοΈ
Due to issues with database cluster, Netlas is temporarily suspended to reboot the affected nodes.
Our team is working hard to resolve the issue as quickly as possible.
π You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience π
Due to issues with database cluster, Netlas is temporarily suspended to reboot the affected nodes.
Our team is working hard to resolve the issue as quickly as possible.
π You can also follow the Netlas status on the corresponding page: https://status.netlas.io/
We sincerely apologize for the inconvenience and appreciate your patience π
π4
π Software Supply Chain Attacks β how trust breaks, and how to fix it
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code β as in the CCleaner incident. This explainer maps where trust fails and what to harden.
Whatβs inside:
1οΈβ£ The chain itself: repos, dependency managers, CI/CD, artifact storage β and the weak assumptions they rely on.
2οΈβ£ How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3οΈβ£ Case in point: a signed build gone rogue (CCleaner) shows why βofficialβ isnβt always safe.
4οΈβ£ Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
π Full article here: https://netlas.io/blog/supply_chain_attack/
Modern apps lean on open-source packages, registries, clouds, and CI/CD. When any upstream link is compromised, clean projects ship trojanized code β as in the CCleaner incident. This explainer maps where trust fails and what to harden.
Whatβs inside:
1οΈβ£ The chain itself: repos, dependency managers, CI/CD, artifact storage β and the weak assumptions they rely on.
2οΈβ£ How attacks land: stolen maintainer accounts, poisoned updates, abused credentials, and automated pulls.
3οΈβ£ Case in point: a signed build gone rogue (CCleaner) shows why βofficialβ isnβt always safe.
4οΈβ£ Mitigations that matter: SBOMs, provenance and signed builds to verify what you ship and where it came from.
π Full article here: https://netlas.io/blog/supply_chain_attack/
netlas.io
Supply Chain Attack - How Attackers Weaponize Software Supply Chains - Netlas Blog
Explains how software supply chain attacks subvert trust in open source, CI/CD and registries, and how SBOM, provenance and signed builds mitigate risk.
1πΎ4β€3
π Bug Bounty 101 β a complete 2026 roadmap for beginners
Netlasβ new guide cuts through the βdead vs $100kβ hype: bug bounty isnβt dead, itβs just more mature. Success now comes from smart target selection, solid recon, manual testing, and reports that get accepted.
Whatβs inside:
1οΈβ£ Prerequisites checklist: networking, HTTP basics, light coding, core vulns, and why patience/focus matter.
2οΈβ£ Picking targets: start with VDPs and less-crowded programs; use HackerOne/Bugcrowd/Intigriti and Google dorks to find scopes; stick to one target.
3οΈβ£ Recon that works: org WHOIS β asset mapping β subdomains; customize your flow, with a concrete Netlas example and CLI tips.
4οΈβ£ Hunting methodology: build product knowledge first; use a single multi-signal test string to probe inputs; avoid blind payload spam.
5οΈβ£ Reports that get paid and beginner mistakes to avoid, plus a practical 60-day plan to your first live finding.
π Read here: https://netlas.io/blog/bug_bounty_roadmap/
Netlasβ new guide cuts through the βdead vs $100kβ hype: bug bounty isnβt dead, itβs just more mature. Success now comes from smart target selection, solid recon, manual testing, and reports that get accepted.
Whatβs inside:
1οΈβ£ Prerequisites checklist: networking, HTTP basics, light coding, core vulns, and why patience/focus matter.
2οΈβ£ Picking targets: start with VDPs and less-crowded programs; use HackerOne/Bugcrowd/Intigriti and Google dorks to find scopes; stick to one target.
3οΈβ£ Recon that works: org WHOIS β asset mapping β subdomains; customize your flow, with a concrete Netlas example and CLI tips.
4οΈβ£ Hunting methodology: build product knowledge first; use a single multi-signal test string to probe inputs; avoid blind payload spam.
5οΈβ£ Reports that get paid and beginner mistakes to avoid, plus a practical 60-day plan to your first live finding.
π Read here: https://netlas.io/blog/bug_bounty_roadmap/
netlas.io
Bug Bounty 101 - A Complete Bug Bounty Roadmap for Beginners (2026) - Netlas Blog
Practical 2026 bug bounty roadmap for beginners: choosing targets, recon, web/API bugs, manual testing and writing reports that get paid
1π₯3πΎ3
CVE-2025-37165, -37166: Multiple vulnerabilities in Aruba, 7.5 ratingβοΈ
Vulnerabilities in Aruba HPE allow an attacker to perform a DoS or gain knowledge of the internal network configuration.
Search at Netlas.io:
π Link: https://nt.ls/AlIHR
π Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US#hpesbnw04988-rev-1-hpe-networking-instant-on-multi-0
Vulnerabilities in Aruba HPE allow an attacker to perform a DoS or gain knowledge of the internal network configuration.
Search at Netlas.io:
π Link: https://nt.ls/AlIHR
π Dork: http.favicon.hash_sha256:dfa04944308ed6c96563ff88cdb767ed5177c76c8a386f7a5803b534e9bff753
Vendor's advisory: https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04988en_us&docLocale=en_US#hpesbnw04988-rev-1-hpe-networking-instant-on-multi-0
1πΎ3π₯1
CVE-2025-13927, -13928, -13335, CVE-2026-0723, -1102: Multiple vulnerabilitites in GitLab, 3.1 - 7.5 ratingβοΈ
Several recent vulnerabilities in GitLab include DoS, Incorrect Authorization, and other issues.
Search at Netlas.io:
π Link: https://nt.ls/5JrG3
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/
Several recent vulnerabilities in GitLab include DoS, Incorrect Authorization, and other issues.
Search at Netlas.io:
π Link: https://nt.ls/5JrG3
π Dork: http.favicon.hash_sha256:72a2cad5025aa931d6ea56c3201d1f18e68a8cd39788c7c80d5b2b82aa5143ef OR http.headers.set_cookie:"gitlab" OR http.headers.location:"gitlab"
Vendor's advisory: https://about.gitlab.com/releases/2026/01/21/patch-release-gitlab-18-8-2-released/
πΎ2