Outpost24’s threat intelligence researchers have been analyzing a corporate database seller known as “Lionishackers”. They’re a financially motivated threat actor focused on exfiltrating and selling corporate databases. This post explores how they operate, where their attacks are taking place, and the current level of threat they pose. Lionishackers: Key things...

Thank You! Your Domain Scan Is Underway We’re now scanning our vast threat intelligence database to identify any compromised credentials linked to your domain that may be circulating on the dark web. This process takes just a few minutes, and your results will be delivered directly to your inbox. While...

Social media can work both for and against an organization, so it’s worth treating these sites as extensions of your attack surface. CompassDRP’s Social Media integration continuously monitors both corporate and employee profiles across platforms such as Twitter, LinkedIn, and Facebook. It automatically flags unauthorized or impersonating accounts that mimic...

Today marks Microsoft Patch Tuesday for July 2025, addressing 137 vulnerabilities. Key issues include an information disclosure vulnerability in Microsoft SQL Server and local code execution vulnerabilities in Microsoft Office. More details are provided below. Notable Patch Tuesday vulnerabilities for July CVE-2025-49719: An information disclosure vulnerability in Microsoft SQL Server...

It’s tempting to view bug bounty programs as a cheat code – an enticing shortcut to uncover vulnerabilities by tapping into the creativity of the global security community. Is there really any need to invest in your own testing for vulnerabilities? But while these programs can surface critical flaws that...

I recently discovered an interesting race condition vulnerability in the eCommerce software nopCommerce, during a manual pen test as part of the SWAT service (SWAT is Outpost24’s Pen Testing as a Service solution). This vulnerability (CVE-2024-58248) involves nopCommerce, an open-source eCommerce platform written in C#, which aids developers in building...

In June 2025, Israel carried out airstrikes against key Iranian military and nuclear facilities. Iran swiftly retaliated, escalating regional tensions to unprecedented levels. This military confrontation has not only unfolded in conventional warfare but also triggered a massive surge in cyber operations. Almost immediately after the kinetic attacks, numerous hacktivist...

The cyberattack by Gonjeshke Darande on Nobitex (Iran’s largest cryptocurrency exchange) made global headlines, not only for its scale, but for its political intent. This bold act of digital sabotage occurred within a rapidly deteriorating geopolitical context. On June 13, 2025, Israeli airstrikes targeted key Iranian military and nuclear facilities....

In the world of modern web applications, the OAuth flow is our trusty gatekeeper, enabling seamless logins and secure data sharing. But its flexibility (designed to handle myriad use cases) is also its Achilles’ heel. A tiny misstep in URI validation or a missing state check can turn a robust...