1025 matches found
Another Critical RCE Discovered in a Popular MCP Server
Artificial Intelligence development is moving faster than secure coding practices, and attackers are taking notice. Imperva Threat Research recently uncovered and disclosed a critical Remote Code Execution RCE vulnerability CVE-2025-53967 in the Framelink Figma MCP Server. This is just one exampl...
Operation Eastwood: Measuring the Real Impact on NoName057(16)
Introduction On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057016. The announcement promised a major disruption to the group’s activities. In this blog, we explore whethe...
The Future of SSL Certificate Management: Adapting to Shortened Renewal Periods
The industry is evolving yet again. With the CA/Browser Forum's recent decision to reduce the maximum SSL/TLS certificate lifecycle to 47 days by 2029, the way organizations manage their certificates is going to change significantly—and sooner than most realize. This update builds on the trend of...
How to Comply with PCI DSS 4.0 Requirements 6.4.3 and 11.6.1
The countdown to compliance is in its final stretch. With the third and final phase of PCI DSS 4.0 requirements taking effect on March 31, 2025, organizations are under increasing pressure to ensure their client-side security measures meet the new requirements. At Imperva, we’re committed to...
Navigating the New Era of AI Traffic: How to Identify and Block AI Scrapers
In the not-so-distant past, webmasters faced challenges from bots like Google's search spiders, which diligently scanned websites to index content and provide the best search results for users. Fast forward to today, and we are witnessing a new breed of bot: Large Language Models LLMs like ChatGP...
How Generative AI Will Transform Cybersecurity
One of the most promising developments in the fight against cybersecurity threats is the use of artificial intelligence AI. This cutting-edge technology has the potential to revolutionize the way organizations manage cyberthreats, offering unprecedented levels of protection and adaptability. AI i...
Is the FSI innovation rush leaving your data and application security controls behind?
Fuelled by rising consumer expectations for innovative services and easy real-time access to financial products and information, financial services industries FSI and fintech organizations are racing to out-innovate each other and capture market share. The sizeable growth of investments into the...
“Oops, I insecurely coded again!”
The call is coming from inside the house It’s no secret that companies need to be vigilant about application security. However, frequently the source of application vulnerabilities may come as a surprise to security teams. While zero-day exploits are a principal focus of vulnerability mitigation...
Four Benefits of Software as a Service (SaaS) for Cybersecurity Teams
Software as a service, or SaaS as it’s more commonly known, is more than just a license delivery model and a way for cybersecurity teams to pay for critical cybersecurity software - it has real benefits for the customer. In a SaaS distribution model, the software is hosted by the software service...
3 Data Source Coverage Capabilities You Need from Your Database Security Solution
When Henry Ford, the de-facto inventor of mass production, was asked during a production meeting in 1909 in which colors his Model T automobile would be available to consumers, Ford - a notorious stickler for keeping costs to the bare minimum - offered almost no optional extras and that included...
Protecting today’s web applications requires more than a firewall
The way organizations build web applications has changed dramatically over the last several years. As a result, many organizations are considering additional security strategies to augment the Web Application Firewall WAF on which they have relied to protect critical digital business operations...
The SysAdmin Class for the World’s Greatest Role-Playing Game
If you’re not sure what a System Administrator SysAdmin does, this is the person in your company or possibly an external contractor who fearlessly oversees the maintenance, care, configuration, and stable operation of your computers and servers. It’s your SysAdmin who is responsible for the...
Your Security Operations Team Just Got Faster: Meet Imperva’s AI Assistant.
There is a moment every security analyst knows well. It’s 2am , an alert fires, and you’re staring at a console trying to make sense of what just happened—fast. You need context, scope, and impact: What’s being targeted? Where is it coming from? Is it getting worse? What should we do next? That...
API Security Operations: How to Move from Visibility to Measurable Risk Reduction
A five-level operating model for turning API security visibility into measurable risk reduction, faster remediation, and confident digital growth — without slowing development. What is API security operationalization? API security operationalization is the process of converting API discovery and...
Imperva Partners with TollBit to Power AI Traffic Monetization for Content Owners
The surge in AI-driven traffic is transforming how websites manage their content. With AI bots and agents visiting sites at unprecedented rates often scraping without permission, payment, or attribution content owners face a critical challenge: how to protect their intellectual property while...
CVE-2025-61757: Imperva Customers Protected Against Critical Oracle Identity Manager Authentication Bypass Leading to Remote Code Execution
At the end of October 2025, Oracle released an emergency security alert addressing CVE-2025-61757, a high-severity authentication-bypass flaw that enables remote code execution in the Identity Manager product of Oracle Fusion Middleware versions 12.2.1.4.0 and 14.1.2.1.0. Multiple threat actors a...
Imperva Enhances Client-Side Protection to Help You Stay Ahead of PCI-DSS Compliance
When the latest PCI DSS 4.0 requirements came into full effect in March 2025, organizations processing cardholder data faced new obligations to protect payment pages from client-side risks. Requirements such as 6.4.3 script inventory, authorization, and integrity monitoring and 11.6.1 detection o...
Imperva Detects and Mitigates Rejetto HFS Spray-and-Pray Ransomware/Trojan Campaign
On July 19th, Imperva Threat Research team detected a sudden surge in HTTP probes targeting Rejetto HTTP File Server HFS 2.x instances. What looked like routine internet noise quickly revealed itself as a coordinated attempt to exploit a critical unauthenticated server-side template injection...
Surges in Cyber Activity Accompany Regional Military Operations
Geopolitical events and military operations often trigger a cascade of online activity, both legitimate and malicious. Recent data from our global threat network highlights the strong connection between military escalations and cyberattacks, with the latest example unfolding in the Middle East...
Elastic WAF: Reshaping Application Security for DevOps and Hybrid Environments
We recently discussed Imperva’s vision for the future of application security, where we also covered the Imperva Security Engine. This innovative application security framework is powering up the next generation of Imperva solutions, the first of which is Imperva Elastic WAF. This blog is the fir...
CVE-2025-49763 – Remote DoS via Memory Exhaustion in Apache Traffic Server via ESI Plugin
Remote attackers can trigger an avalanche of internal ESI requests, exhausting memory and causing denial-of-service in Apache Traffic Server. Executive Summary Imperva’s Offensive Security Team discovered CVE-2025-49763, a high-severity vulnerability CVSS v3.1 estimated score: 7.5 in Apache Traff...
Discover First, Defend Fully: The Essential First Step on Your API Security Journey
APIs power today’s digital economy, but their lightning-fast evolution and astronomical call volumes can leave security teams scrambling to keep up. How can you secure what you can’t yet see or quantify? Imperva’s Unlimited Discovery-Only capability for the Cloud WAF CWAF add-On delivers...
First Things First: Know and Prioritize Your Risk in Data Security
Fortify your risk posture by shifting focus from network security to data-centric security for more robust cyber defense. Cyberattacks are one of the most onerous threats faced by businesses today. Not only is cybercrime skyrocketing in volume, it is also increasing in AI/ML-powered sophisticatio...
Imperva and the Secure by Design Pledge: A Commitment to Cybersecurity Excellence
The Cybersecurity and Infrastructure Security Agency CISA has introduced a voluntary "Secure by Design Pledge" for enterprise software manufacturers, focusing on improving the security of their products and services. This pledge outlines seven key principles, forming the core of a robust...
Java(Script) Drive-By, Hacking Without 0days
A remote code execution chain in Google Chrome, which allows an attacker to execute code on the host machine, can cost anywhere from $250,000 to $500,000. Nowadays, such powers are typically reserved for governments and spy agencies. But not so long ago, similar capabilities were accessible to th...
Modernizing Data Security: Imperva and IBM Z in Action
As data security continues to evolve, businesses require solutions that scale to modern environments. Imperva and IBM Z have partnered to deliver a comprehensive approach to securing data within IBM z/OS environments while supporting the agility, resource availability, and cost-efficiency that...
Simplifying Infrastructure Management with Imperva’s Terraform Module for Cloud WAF
In todays rapidly evolving technological landscape, managing infrastructure efficiently is paramount for businesses striving to stay competitive. With the rise of cloud computing, Infrastructure as Code IaC has emerged as a game-changer, enabling organizations to automate the provisioning and...
Accelerating Cloud-Native Data Security Deployments at Scale with Imperva’s eDSF Kit
Todays evolving digital landscape and the rapid expansion of cloud technologies have necessitated a shift in the approach of deploying and managing data security across multiple platforms. Traditional methods of manual deployment of data activity monitoring, risk analytics, and threat detection...
Advanced Persistent Threat Groups Behind DDoS Attacks on Danish Hospitals
On Sunday 26 February the websites of several Danish hospitals were taken offline after being hit by Distributed Denial of Service DDoS attacks claimed by a group calling themselves ‘Anonymous Sudan’. According to reports on Twitter patient care was unaffected by the attacks and the sites were ba...
Imperva DSF Secures Your Data in Amazon Web Services Enterprise Data Lakes
Data lakes serve as a central repository for storing several data types - structured, semi-structured, and unstructured - at scale. One of the ways data lakes are useful is they do not require any upfront work on the data. You can simply integrate and store data as it streams in from multiple...
Reduce Risk from Insider Threats Using Imperva Data Security Fabric
The definition of insider threats is as broad as the risks it represents. While insider threats may originate from negligent or malicious employees, they can also be external cybercriminals who bypassed perimeter controls using a compromised user account. No matter the source, or motivation,...
DDoS attacks on VoIP and the urgent need for DDoS protection
VoIP companies have recently been the target of a series of ransom Distributed Denial of Service DDoS attacks around the globe with UK-based VoIP providers including VoIP Unlimited, and Quebec-based company VoIP.ms being hit by aggressive and sustained attacks destabilizing their infrastructure a...
AI Agents Are Visiting Your Website. Which Ones Should You Trust?
The internet is changing fast. For years, the main goal of search was simple: to help users find links. A user searched, reviewed results, clicked a website, and consumed the content directly from the source. But AI is changing that model. Increasingly, users ask AI assistants for answers instead...
Compromise OpenClaw with Prompt Injections in Message Objects
Executive Summary As powerful personal AI assistants become increasingly widespread, their ability to access tools, files, and external services also makes them susceptible to prompt injection attacks, where malicious content can manipulate their behavior. This research evaluated OpenClaw against...
CVE-2026-23870: Imperva Customers Protected Against Critical React Server Components DoS Vulnerability
TL;DR:A newly disclosed denial-of-service vulnerability, CVE-2026-23870, impacts React Server Components and dependent frameworks, including Next.js App Router deployments. The flaw enables unauthenticated attackers to send specially crafted HTTP requests that trigger excessive CPU consumption...
Your Redis Server Looks Fine. That’s the Problem.
Introduction There’s an automated attack circulating right now that breaks into unprotected Redis servers, takes over the underlying machine, and then carefully puts everything back the way it found it. It restores the database filename. It deletes the tools it used. It detaches from the...
A New Denial-of-Service Vector in React Server Components
React Server Components RSC have introduced a hybrid execution model that expands application capabilities while increasing the potential attack surface. Following earlier disclosures and fixes related to React DoS vulnerabilities, an additional analysis of RSC internals was conducted to assess...
Security by Design: Why Multi-Factor Authentication Matters More Than Ever
In an era marked by escalating cyber threats and evolving risk landscapes, organisations face mounting pressure to strengthen their security posture whilst maintaining seamless user experiences. At Thales, we recognise that robust security must be foundational - embedded into products and service...
Imperva Named a Leader in KuppingerCole’s Leadership Compass 2025 for Web Application and API Protection
In the latest 2025 KuppingerCole Leadership Compass for Web Application and API Protection WAAP, Imperva has once again secured a Leadership position; a testament to our unwavering commitment to protecting the modern digital experience. Why This Report Matters The WAAP market represents the...
CVE-2025-62725: From “docker compose ps” to System Compromise
Docker Compose powers millions of workflows, from CI/CD runners and local development stacks to cloud workspaces and enterprise build pipelines. It’s trusted by developers as the friendly layer above Docker Engine that turns a few YAML lines into a running application. In early October 2025, whil...
Why Separating Control and Data Planes Matters in Application Security
Modern application environments are dynamic, distributed, and moving faster than ever. DevOps teams deploy new services daily, APIs multiply across regions, and traffic fluctuates by the hour. At the same time, organizations must uphold security, compliance, and availability without slowing...
How to Eliminate Deployment Bottlenecks Without Sacrificing Application Security
Today, organizations increasingly rely on DevOps to accelerate software delivery, improve operational efficiency, and enhance business performance. According to RedGate, 74% have adopted DevOps, and according to Harvard Business Review Analytics, 77% of organizations currently depend on DevOps to...
Introducing DataTrap: A Smarter, More Adaptive Honeypot Framework
Today, we're excited to release DataTrap, a powerful, extensible honeypot system built to simulate realistic web applications, IoT devices, and database behavior across HTTP, HTTPS, SSH, and database protocols e.g., MySQL. What sets DataTrap apart? It goes beyond static honeypots by combining...
How Imperva Protects the Arts Industry from Ticketing Abuse by Carding Bots
The ticketing industry is under constant threat from malicious bots, with bad actors targeting these platforms for financial gain. Bots accounted for 31.1% of all traffic to entertainment platforms in 2024, with attacks ranging from scalping and credential stuffing to carding operations. When one...
Seven Cybersecurity Tips to Protect Your Retail Business This Holiday Season
It’s no secret that the holiday season is the busiest time for online retailers, with sales starting as early as October and stretching until late December. According to the NRF, census data suggests that 2023 holiday sales experienced a 3.8% growth, reaching a record $964.4 billion about $3,000...
Enhancing Security and Compliance in the Energy Sector: Imperva’s Cipher Suite Support
In the energy and utility sector, safeguarding data and ensuring compliance with regulatory standards is paramount. With the increasing digitalization of operations, from smart grids to IoT-enabled devices, the need for robust encryption methods to protect sensitive information has never been...
API Security Demystified: Which Tools Actually Protect Your APIs (And Where the Gaps Are)
Introduction Quick answer: No single tool secures an API. API security is a layered discipline. Secure-coding analyzers and SCA scanners catch code and dependency flaws; DAST tests running APIs; API gateways and IAM enforce authentication and rate limits; a WAF blocks known attack patterns; bot...
Enterprise-Grade Application Security, Cloud-Native Speed: Introducing Imperva for Google Cloud
In today’s dynamic digital environment, the pressure to innovate has never been greater. Development teams are pushing for native cloud tools to maximize performance and cost-efficiency, while security teams require best-of-breed, enterprise-grade protection to defend against an ever-evolving...
Why AI Bot Protection and Control Are Essential for Application Security
AI-driven automation is no longer emerging. It is already integrated and accepted as internet traffic. From AI assistants and crawlers to enterprise automation tools, websites are now routinely accessed by non-human actors operating at scale. Vulnerabilities or weaknesses in your application...
Why Most DDoS Protection Fails: Solving for Continuity and Resilience
Most organisations assume DDoS Distributed denial of service protection is a box they’ve already ticked. If traffic spikes or an attack starts, the thinking goes, their provider will absorb it and move on. But in the real world it can be a different story. Many incidents aren’t caused by the scal...