Home | CIP Blog

HomeCriminal IP2025-10-14T12:08:14+09:00

Main Featured

Urgent: 3,894 SonicWall SSL VPNs Vulnerable to OVERSTEP and MFA Bypass

Multiple hacking groups have been repeatedly using SonicWall SSL VPN devices as an intrusion vector, and the security community continues to report cases where accounts protected by OTP-based multi-factor authentication (MFA) were nonetheless logged into successfully — raising growing concern about potential authentication bypasses.

All the latest news

CVE-2026-6644 Analysis: Command Injection Vulnerability in ASUSTOR ADM PPTP VPN Client

Criminal IP2026-05-15T09:40:46+09:00May 15th, 2026|

CVE-2026-3854: GitHub RCE Vulnerability Triggered by a Single git push

Criminal IP2026-05-13T10:43:13+09:00May 13th, 2026|

CVE-2026-42208: LiteLLM SQL Injection Vulnerability Targeting AI Gateways

Criminal IP2026-05-11T16:41:52+09:00May 11th, 2026|

Persistent Threats Beyond Patching: Analysis of the FIRESTARTER Backdoor Targeting Cisco ASA

Criminal IP2026-05-04T16:10:20+09:00May 4th, 2026|

nginx-ui MCPwn (CVE-2026-33032) Analysis: Nginx Server Compromise via Missing MCP Authentication

Criminal IP2026-04-27T10:30:28+09:00April 27th, 2026|

Analyzing Phishing Infrastructure and Attack Patterns Using Daily Malicious Phishing Data

Criminal IP2026-04-23T14:52:00+09:00April 27th, 2026|

CVE-2026-35616: Exploitation Trends and Exposure Analysis of Fortinet FortiClient EMS

Criminal IP2026-04-21T11:40:59+09:00April 22nd, 2026|

CVE-2026-34197: Apache ActiveMQ RCE Vulnerability Analysis

Criminal IP2026-04-17T16:16:47+09:00April 17th, 2026|

Analyzing a FIFA-Themed Phishing Campaign: Tracking Suspicious 2026 World Cup-Related Domains and Infrastructure

Criminal IP2026-04-10T10:59:09+09:00April 13th, 2026|

CVE-2026-3502: Supply Chain Attack via TrueConf Update Mechanism

Criminal IP2026-04-08T12:49:53+09:00April 8th, 2026|

CVE-2026-32746: Analysis of Pre-Authentication RCE Vulnerability in GNU InetUtils telnetd

Criminal IP2026-04-06T09:49:18+09:00April 3rd, 2026|

Unstructured Data-Based Asset Exposure Analysis: Structuring Identifiers with Privacy Exposure Scanner

Criminal IP2026-04-01T12:44:40+09:00April 1st, 2026|