Home | CIP Blog

HomeCriminal IP2025-10-14T12:08:14+09:00

Main Featured

Urgent: 3,894 SonicWall SSL VPNs Vulnerable to OVERSTEP and MFA Bypass

Multiple hacking groups have been repeatedly using SonicWall SSL VPN devices as an intrusion vector, and the security community continues to report cases where accounts protected by OTP-based multi-factor authentication (MFA) were nonetheless logged into successfully — raising growing concern about potential authentication bypasses.

All the latest news

The Rise of AI-Generated Phishing Sites: Analyzing Phishing Infrastructure with Criminal IP

Criminal IP2026-05-29T16:14:25+09:00June 1st, 2026|

SonicWall SSL-VPN MFA Bypass Vulnerability: The Attack Surface Between “Patched” and “Protected”

Criminal IP2026-05-27T15:04:41+09:00May 27th, 2026|

CVE-2026-41940: Analysis of the cPanel Authentication Bypass Vulnerability

Criminal IP2026-05-22T10:54:09+09:00May 21st, 2026|

CVE-2026-6644 Analysis: Command Injection Vulnerability in ASUSTOR ADM PPTP VPN Client

Criminal IP2026-05-15T09:40:46+09:00May 15th, 2026|

CVE-2026-3854: GitHub RCE Vulnerability Triggered by a Single git push

Criminal IP2026-05-13T10:43:13+09:00May 13th, 2026|

CVE-2026-42208: LiteLLM SQL Injection Vulnerability Targeting AI Gateways

Criminal IP2026-05-11T16:41:52+09:00May 11th, 2026|

Persistent Threats Beyond Patching: Analysis of the FIRESTARTER Backdoor Targeting Cisco ASA

Criminal IP2026-05-04T16:10:20+09:00May 4th, 2026|

nginx-ui MCPwn (CVE-2026-33032) Analysis: Nginx Server Compromise via Missing MCP Authentication

Criminal IP2026-04-27T10:30:28+09:00April 27th, 2026|

Analyzing Phishing Infrastructure and Attack Patterns Using Daily Malicious Phishing Data

Criminal IP2026-04-23T14:52:00+09:00April 27th, 2026|

CVE-2026-35616: Exploitation Trends and Exposure Analysis of Fortinet FortiClient EMS

Criminal IP2026-04-21T11:40:59+09:00April 22nd, 2026|

CVE-2026-34197: Apache ActiveMQ RCE Vulnerability Analysis

Criminal IP2026-04-17T16:16:47+09:00April 17th, 2026|

Analyzing a FIFA-Themed Phishing Campaign: Tracking Suspicious 2026 World Cup-Related Domains and Infrastructure

Criminal IP2026-04-10T10:59:09+09:00April 13th, 2026|