WAF

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in FortiWeb, linked to CVE-2025-64446, alongside new detection logic expanding protection against PHP Wrapper Injection techniques. Key Findings This vulnerability enables an unauthenticated attacker to bypass access controls by…

This week’s release introduces a critical detection for CVE-2025-61757, a vulnerability in the Oracle Identity Manager REST WebServices component. Key Findings This flaw allows unauthenticated attackers with network access over HTTP to fully compromise the Identity Manager, potentially leading to…

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in DELMIA Apriso, linked to CVE-2025-6205. Key Findings This vulnerability allows unauthenticated attackers to gain privileged access to the application. The latest update provides enhanced detection logic for resilient…

This week’s release introduces new detections for Prototype Pollution across three common vectors: URI, Body, and Header/Form. Key Findings These attacks can affect both API and web applications by altering normal behavior or bypassing security controls. Impact Exploitation may allow…

This week’s emergency release introduces a new detection signature that enhances coverage for a critical vulnerability in the React Native Metro Development Server, tracked as CVE-2025-11953. Key Findings The Metro Development Server exposes an HTTP endpoint that is vulnerable to…

This week highlights enhancements to detection signatures improving coverage for vulnerabilities in Adobe Commerce and Magento Open Source, linked to CVE-2025-54236. Key Findings This vulnerability allows unauthenticated attackers to take over customer accounts through the Commerce REST API and, in…