Not every CVE deserves the same level of attention.
The real question is: which ones are attackers actually exploiting?
Our latest report looks at real-world exploitation patterns 👇
https://www.crowdsec.net/vulnerability-exploitation-report
| Website | https://www.crowdsec.net/ |
| GitHub | https://github.com/crowdsecurity/crowdsec |
| Discord | https://www.discord.gg/crowdsec |
| LinkedIn | https://www.linkedin.com/company/53443483 |
CVSS tells you what could happen.
Live exploitation tells you what is happening.
That's the thinking behind CISA's new BOD 26-04—and why exploitation intelligence matters more than ever.
https://www.crowdsec.net/blog/cisa-bod-26-04-live-exploit-tracker
🚨 In this week’s newsletter, we cover CVE-2026-10520, a critical pre-authentication OS command injection vulnerability in Ivanti Sentry now under active exploitation. We break down how attackers can achieve root-level remote code execution without valid credentials and what defenders should do next.
Read the full analysis and protect your systems 👉 https://www.crowdsec.net/vulntracking-report/cve-2026-10520-ivanti-sentry-os-command-injection
OWASP CRS is powerful.
But static rules alone can’t keep up with evolving attacks.
Combine it with CrowdSec’s real-time threat intelligence for stronger protection 👇
https://www.crowdsec.net/blog/protecting-your-web-applications-with-owasp-crs-and-crowdsec
🚨 In this week’s newsletter, we cover CVE-2026-8181, a critical authentication bypass vulnerability in the WordPress Burst Statistics plugin now under active exploitation.
We break down how attackers can obtain administrative privileges without valid credentials and what defenders should do next.
Read the full analysis and protect your systems 👉 https://www.crowdsec.net/vulntracking-report/cve-2026-8181-wordpress-burst-statistics-authentication-bypass
👀 What's being cooked at CrowdSec?
Your WAF already knows *what* requests are doing.
What if it could also help answer *who* is behind them?
More soon!
⚠️ CVE tells you a vulnerability exists.
CVSS tells you its theoretical severity.
KEV tells you it has already been exploited.
But what tells you what's being exploited right now?
Our latest report explores the missing link: real-world exploitation telemetry.
📥 https://www.crowdsec.net/vulnerability-exploitation-report
🔍 A suspicious IP alone doesn’t tell you much.
The context around it does.
Attack history, targeted services, observed behaviors, confidence signals — that’s what helps analysts decide what actually matters.
Try investigating your latest suspicious IP 👇
https://app.crowdsec.net/cti
🚨 In this week’s newsletter, we cover CVE-2026-9082, a Drupal JSON:API SQL injection vulnerability now under active exploitation.
We break down how attackers are targeting exposed /jsonapi/ endpoints and what defenders should do next.
Read the full analysis and protect your systems 👉 https://www.crowdsec.net/vulntracking-report/cve-2026-9082-drupal-jsonapi-sql-injection
New CVE? The clock starts immediately ⏱️
How do you validate impact, assess exploitability, and deploy protections fast enough?
Watch the full session 👇 https://youtube.com/live/oedE1_ycS4o