Indusface Blog

December 17, 2025

Bhargavi Pallati

4 min Read

React After React2Shell: New RSC Vulnerabilities Expose DoS and Source Code Risks

Security Bulletin

New React RSC vulnerabilities found after React2Shell expose DoS and source code risks. CVEs show elevated EPSS, highlighting residual risk post-patching.

Security Bulletin

December 17, 2025

Bhargavi Pallati

3 min Read

CVE-2025-66675: Apache Struts DoS Vulnerability Leads to Disk Exhaustion

Security Bulletin

A newly disclosed denial-of-service vulnerability, CVE-2025-66675, affects a wide range of Apache Struts 2 versions and poses a serious availability risk for applications that handle file uploads. While the EPSS.

Security Bulletin

December 17, 2025

Aayush Vishnoi

7 min Read

Secret Scanning: A Critical Practice for Protecting Sensitive Data in Code

Web Application Scanning

Secret scanning detects exposed credentials like API keys and passwords in code, helping prevent data breaches, cloud misuse, and unauthorized system access.

Web Application Scanning

December 12, 2025

Vinugayathri Chinnasamy

25 min Read

227 Key Cybersecurity Statistics: Vulnerabilities, Exploits, and Their Impact for 2026

Cybersecurity

With 2025 closing out, the cybersecurity landscape is shifting rapidly. Vulnerabilities are increasing, exploits are becoming more sophisticated, and attackers are scaling their operations. These late-year patterns make it clear.

Cybersecurity

CVE-2025-10573: Unauthenticated Stored XSS in Ivanti Endpoint Manager

December 11, 2025

Bhargavi Pallati

3 min Read

CVE-2025-10573: Critical Unauthenticated Stored XSS in Ivanti Endpoint Manager

Security Bulletin

CVE-2025-10573 allows unauthenticated stored XSS in Ivanti EPM, enabling admin session takeover and full endpoint control. Learn impact, risks, and fixes

Security Bulletin

December 8, 2025

Pavithra Hanchagaiah

3 min Read

CVE-2025-66516: Critical XXE Vulnerability Exposes Apache Tika Deployments

Security Bulletin

A critical XXE vulnerability (CVE-2025-66516) in Apache Tika enables unauthorized file access via malicious PDFs. Understand the risk & how to stay protected.

Security Bulletin

December 5, 2025

Vinugayathri Chinnasamy

8 min Read

Managed DDoS Protection for SMBs: Ensuring Uptime, Customer Trust, and Business Continuity

DDoS

Learn why SMBs face rising DDoS attacks and how managed protection ensures uptime, prevents revenue loss, and safeguards APIs, websites, and cloud applications.

DDoS

React2Shell(CVE-2025-55182): Critical RCE Vulnerability in React Server Components and Next.js

December 5, 2025

Bhargavi Pallati

4 min Read

React2Shell(CVE-2025-55182): Critical RCE Vulnerability in React Server Components and Next.js

Security Bulletin

CVE-2025-55182, known as React2Shell, is a critical RCE flaw impacting React Server Components and Next.js. Learn how the exploit works and how to mitigate it.

Security Bulletin

December 5, 2025

Vinugayathri Chinnasamy

8 min Read

LLMs, Quantum Computing, and the Top Challenges for CISOs in 2026

Cybersecurity

Discover the top CISO challenges for 2026, from LLM and quantum threats to API attacks, shadow AI & rising automation-driven cyber risks impacting enterprises

Cybersecurity

December 5, 2025

Vinugayathri Chinnasamy

6 min Read

Penetration Testing for the Education Sector: Protecting Sensitive Data and Systems in 2025

Penetration Testing

Discover why penetration testing for the education sector is essential in 2025. Learn how pen testing protects student data, strengthens security, and ensures regulatory compliance.

Penetration Testing

CVE-2025-54057: Stored XSS Vulnerability in Apache SkyWalking

December 2, 2025

Bhargavi Pallati

3 min Read

CVE-2025-54057: Stored XSS Vulnerability in Apache SkyWalking Exposes Monitoring Dashboards to Attackers

Security Bulletin

CVE-2025-54057 exposes Apache SkyWalking dashboards to stored XSS threats.Explore remediation guidance and how AI powered AppTrana protects applications early.

Security Bulletin

November 28, 2025

Vinugayathri Chinnasamy

4 min Read

How to Automate API Security Testing During CI/CD

API Security

Learn how to automate API security testing in CI/CD to catch vulnerabilities early, reduce MTTR, prevent risky deployments, and streamline DevSecOps workflows

API Security

Indusface Blog

React After React2Shell: New RSC Vulnerabilities Expose DoS and Source Code Risks

CVE-2025-66675: Apache Struts DoS Vulnerability Leads to Disk Exhaustion

Secret Scanning: A Critical Practice for Protecting Sensitive Data in Code

227 Key Cybersecurity Statistics: Vulnerabilities, Exploits, and Their Impact for 2026

CVE-2025-10573: Critical Unauthenticated Stored XSS in Ivanti Endpoint Manager

CVE-2025-66516: Critical XXE Vulnerability Exposes Apache Tika Deployments

Managed DDoS Protection for SMBs: Ensuring Uptime, Customer Trust, and Business Continuity

React2Shell(CVE-2025-55182): Critical RCE Vulnerability in React Server Components and Next.js

LLMs, Quantum Computing, and the Top Challenges for CISOs in 2026

Penetration Testing for the Education Sector: Protecting Sensitive Data and Systems in 2025

CVE-2025-54057: Stored XSS Vulnerability in Apache SkyWalking Exposes Monitoring Dashboards to Attackers

How to Automate API Security Testing During CI/CD

Join 51000+ Security Leaders Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

Fully Managed SaaS-Based Web Application Security Solution

Get free access to Integrated Application Scanner, Web Application Firewall, DDoS & Bot Mitigation, and CDN for 14 days