Media Coverage

Author: MD. Azim Uddin Figure 1: India's Cyber Digital Monsoon 2025 As we monitor the movements of threat actors across the Asia Pacific (APAC) region, examining attack trends and the evolution of cyber warfare from low-skill attacks conducted by inexperienced actors to advanced state-sponsored operations, it is clear that 2025 marked a sobering moment for India’s cybersecurity landscape. Our analysis presents a concerning reality: India has become one of the world's top targ

Author(s): Reyben T. Cortes, Azim Udin, Unit Zero Threat Research Team, DefusedCyber Figure 1: Pie chart statistics of top n8n versions in Japan Happy New Year! Since early December leading up to the Holiday break we flagged a series of n8n vulnerabilities that came to our immediate attention, for a good reason. N8n one of the most trending, Free-to-start low-code no code automation platform used by all types of users and organizations worldwide. Due to it's extremely scalabl

Author(s): Reyben T. Cortes Happy Friday! It was the calm before the storm, within the past 48 hours the security community finally came full circle after details of a working PoC (Proof of Concept) exploit recently went public for CVE-2025-66478, an unpublished Next.js vulnerability built on React created by Vercel. With Its focus on making beautiful interactive user interface, the widely used frontend library garnered over 82 million websites worldwide, becoming the world's

Author(s): Reyben T. Cortes, Md. Azim Uddin, Abdullah Al Mamun POST /ReportingWebService/ReportingWebService.asmx HTTP/1.1 Host: [redacted]:8530 User-Agent: Windows-Update-Agent Content-Length: 5244 Accept: text/xml Connection: Keep-Alive Content-Type: text/xml SOAPAction: "http://www.microsoft.com/SoftwareDistribution/ReportEventBatch" Accept-Encoding: gzip Connection: close Figure 0: HTTP POST Request ReportingWebService[.]asmx Trick or Treat! It's the nightmare before Hall