Imperva Threat Research
CVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin
Remote attackers can trigger an avalanche of internal ESI requests, exhausting memory and causing denial-of-service in Apache Traffic Server. Executive Summary Imperva’s Offensive Security Team discovered CVE-2025-49763, a high-severity vulnerability (CVSS v3.1 ...
Beware! A threat actor could steal the titles of your private (and draft) WordPress posts!
As of today, almost a billion sites have been built using WordPress, powering businesses and organizations of all sizes. That makes any newly discovered vulnerability especially concerning—like the one recently found and ...
Early 2025 DDoS Attacks Signal a Dangerous Trend in Cybersecurity
As we enter 2025, the threat landscape continues to evolve, with Distributed Denial of Service (DDoS) attacks growing in both scale and sophistication. So far this year, we’ve already seen several major ...
From PyPI to the Dark Marketplace: How a Malicious Package Fuels the Sale of Telegram Identities
Introduction In today’s digital era, security breaches can occur in the blink of an eye. Telegram Desktop is renowned for its secure, user-friendly messaging interface, but what if the data used to ...
Imperva Customers Are Protected Against CVE-2025-31161 in CrushFTP
Introduction A critical security vulnerability, identified as CVE-2025-31161 (previously tracked as CVE-2025-2825), has been discovered in CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0. This flaw allows unauthenticated remote attackers to ...
The Database Kill Chain
Modern attacks targeting sensitive data have become complex. An organization with many assets might be lost when trying to assess its overall risk, understand the pain points and prioritize the tasks required ...
Imperva Protects Against Apache Tomcat Deserialization Vulnerability
Overview A newly disclosed vulnerability, CVE-2025-24813, affecting Apache Tomcat, has been identified as a high-risk path equivalence vulnerability that allows attackers to manipulate filenames with internal dots (.) under specific conditions, leading ...
Imperva Protects Against the Apache Camel Vulnerabilities
Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via ...
Imperva Protects Against the Exploited CVEs in the Cleo Data Theft Attacks
The Clop ransomware group has once again demonstrated its ability to exploit vulnerabilities to compromise sensitive systems. As Cleo—a managed file transfer provider for businesses—grapples with the aftermath of Clop’s targeted attack ...
GSocket Gambling Scavenger – How Hackers Use PHP Backdoors and GSocket to Facilitate Illegal Gambling in Indonesia
Since 1974, gambling has been officially illegal in Indonesia. However, the digital revolution of the 2000s introduced a new challenge: the rapid growth of online gambling platforms. This technological shift has created ...
