Daniel Andrew

Ghost CVEs are vulnerabilities disclosed in GitHub and advisories before hitting NVD. Tracking them lets us patch threats days faster than teams waiting for official databases.

Critical RCE vulnerabilities (CVE-2026-1281 & CVE-2026-1340) have been discovered in Ivanti EPMM

Google Cloud secures its infrastructure, but customers are responsible for the rest. Discover common pitfalls and how to fix them with best practices.

Avoid costly cloud mistakes. Learn which Azure vulnerabilities you’re responsible for - and how Intruder helps you fix them fast.

Think AWS has your security covered? Not entirely. This blog breaks down what AWS doesn’t secure, real-world risks you’re responsible for, and key actions you can take.

AWS security services help protect your cloud, but they don’t secure everything. See what’s missing and how Intruder goes further to simplify cloud security.

Discover how our security team uncovered complex vulnerabilities that required human expertise to detect - helping our customers stay ahead of emerging threats.

Find out everything you need to know to get started with vulnerability scanning and get the most out of your chosen product.

Find out about Nuclei, the benefits of using multiple scanning engines, and how this helps reduce your attack surface.

Get our take on the impact of the NetScaler vulnerability, see if you're affected, and find out how to fix it.

Understand how penetration tests are quoted and find out what to look out for when choosing a vendor.

Whether you’re a tech start-up or scaling business, you can easily protect your digital systems and data in just few simple steps with powerful, cost-effective tools.

What is the main difference between vulnerability scanning and penetration testing? People frequently confuse the two, but there is a very important distinction.

External penetration testing (also known as external network penetration testing) is a security assessment of an organization's perimeter systems.

Our research shows that Mongo databases are subject to continual attacks when exposed to the internet. Attacks are carried out ...

A new critical vulnerability in affecting Windows systems came to light on Tuesday, affecting SMB services used by the latest versions of...

Intruder’s latest research reveals that up to 13,000 organisations are affected by little-known user enumeration flaws in a range of…

Yesterday (May 14th 2019), Microsoft published a security advisory bulletin for a critical vulnerability in its remote login service…

The recent release of the new hacking tool ‘AutoSploit’ marks the dawn of a new era for unskilled attackers. It provides a fully-automated…

The ROBOT attack. Sounds pretty ominous, right? Choosing catchy names for web-based cryptography (TLS) vulnerabilities has become pretty…

This week has seen the seemingly unstoppable surge of the cryptocurrency ‘Bitcoin’ hit over $10,000 for the first time. As private…

Petya or NotPetya — How long should it take to patch against a globally recognised exploit, and why are attackers still able to use…

“We are the Team Xball and we have chosen your website/network as target for our next DDoS attack.”