AI pentesting: the depth of a pentest, on-demand

AI pentesting: the depth of a pentest, on-demand

AI pentesting validates scanner findings in minutes, confirming real risks, ruling out false positives, and uncovering true impact. Now available in Intruder.
Eamon Carroll
|
min read
April 30, 2026
|
min read
Introducing container image scanning: no agents, no blind spots

Introducing container image scanning: no agents, no blind spots

Agentless container image scanning. Automatically discover and continuously scan your container images across AWS, Azure, and Google Cloud. No agents, no blind spots.
Eamon Carroll
|
min read
April 9, 2026
The cloud isn't secure by default: what containers changed about risk

The cloud isn't secure by default: what containers changed about risk

Containers made it easier to ship fast — and easier to ship risk. Intruder's VP of Product breaks down where container risk comes from across the full security lifecycle, and what
Charlie Yianni
|
min read
March 24, 2026
Overconfident and under resourced: navigating the midmarket security gap

Overconfident and under resourced: navigating the midmarket security gap

Too complex for SMB tools, too lean for enterprise stacks - midmarket security teams are stuck in the middle. New research reveals how bad the gap really is.
Olya Osiagina
|
min read
March 23, 2026
cPanel: auth bypass into RCE on a 1,000,000+ internet-facing hosts (CVE-2026-41940)

cPanel: auth bypass into RCE on a 1,000,000+ internet-facing hosts (CVE-2026-41940)

A pre-auth RCE in cPanel & WHM (CVE-2026-41940) gives attackers root on over a million internet-facing hosts. What it is, why it matters, and what to do.
Daniel Andrew
|
min read
April 30, 2026
The Vulnerabulletin Issue #6

The Vulnerabulletin Issue #6

Issue 6 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
|
min read
April 16, 2026
The Vulnerabulletin Issue #5

The Vulnerabulletin Issue #5

Issue 5 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
|
min read
March 18, 2026
See TODAY’S CVE TRENDS

Our latest research

more research
From enterprise chatbots to gooner caves: exposed AI infrastructure is rampant

From enterprise chatbots to gooner caves: exposed AI infrastructure is rampant

We scanned 1 million AI services and found widespread misconfigurations, exposed credentials, and unauthenticated APIs. AI infrastructure security is falling dangerously behind.
Benjamin Marr
March 27, 2026
Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Secrets in your Bundle(.js) - The Gift Attackers Always Wanted

Our scan of 5M apps uncovered 42k+ tokens in JavaScript bundles, from code repo tokens to project management API keys. Learn why traditional scanners miss them, and how Intruder’s new secrets detection method catches what others can’t.
Benjamin Marr
December 11, 2025
AI Vibe Coding: When Convenience Turns Into a Security Liability

AI Vibe Coding: When Convenience Turns Into a Security Liability

When we used AI to help code a honeypot, it introduced a vulnerability of its own. What transpired was a fascinating, if uncomfortable, lesson in AI complacency - how easily trust in automation can make us miss what’s right in front of us. We share what we learned and what it means for anyone using AI to code.
Sam Pizzey
December 2, 2025

Cyber explainers

more guides
9 best DevSecOps tools for 2026

9 best DevSecOps tools for 2026

DevSecOps tools help identify security vulnerabilities early in your development process. Explore our list of the best tools for 2025.
Christian Gonzalez
November 29, 2023
AWS Cloud Security Explained: What’s Left Exposed?

AWS Cloud Security Explained: What’s Left Exposed?

Think AWS has your security covered? Not entirely. This blog breaks down what AWS doesn’t secure, real-world risks you’re responsible for, and key actions you can take.
Daniel Andrew
March 20, 2025
AWS Security Services: What They Do and Don’t Do

AWS Security Services: What They Do and Don’t Do

AWS security services help protect your cloud, but they don’t secure everything. See what’s missing and how Intruder goes further to simplify cloud security.
Daniel Andrew
March 6, 2025
The Security Middle Child
How midmarket security teams are managing growth, complexity, and risk
get the report

Product news

more releases
AI pentesting: the depth of a pentest, on-demand

AI pentesting: the depth of a pentest, on-demand

AI pentesting validates scanner findings in minutes, confirming real risks, ruling out false positives, and uncovering true impact. Now available in Intruder.
Eamon Carroll
April 30, 2026
The Vulnerabulletin Issue #6

The Vulnerabulletin Issue #6

Issue 6 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
April 16, 2026
The Vulnerabulletin Issue #5

The Vulnerabulletin Issue #5

Issue 5 of our monthly newsletter, packed with research, industry news and Intruder updates.
Dann Moore
March 18, 2026
Clear all filters
Just how serious is the “ROBOT Attack”?

Just how serious is the “ROBOT Attack”?

The ROBOT attack. Sounds pretty ominous, right? Choosing catchy names for web-based cryptography (TLS) vulnerabilities has become pretty…
Daniel Andrew
|
min read
December 18, 2017
|
min read
Vulnerabilities and Threats
“The Norwegian Government hacked my startup!”

“The Norwegian Government hacked my startup!”

At least, that’s how the conversation started, on a Whatsapp message early on a Friday evening in October, when a concerned startup founder…
Chris Wallis
|
min read
December 8, 2017
|
min read
Insights
Is Your Web Browser Secretly Mining Bitcoins?

Is Your Web Browser Secretly Mining Bitcoins?

This week has seen the seemingly unstoppable surge of the cryptocurrency ‘Bitcoin’ hit over $10,000 for the first time. As private…
Daniel Andrew
|
min read
December 1, 2017
|
min read
Insights
Petya or NotPetya, Why is MS17–010 Still Not Patched?

Petya or NotPetya, Why is MS17–010 Still Not Patched?

Petya or NotPetya — How long should it take to patch against a globally recognised exploit, and why are attackers still able to use…
Daniel Andrew
|
min read
June 30, 2017
|
min read
Vulnerabilities and Threats
Team Xball — DDoS Extortion Hoax

Team Xball — DDoS Extortion Hoax

“We are the Team Xball and we have chosen your website/network as target for our next DDoS attack.”
Daniel Andrew
|
min read
June 15, 2017
|
min read
Vulnerabilities and Threats
Apache Struts — Remote Code Execution — CVE-2017–5638

Apache Struts — Remote Code Execution — CVE-2017–5638

On March 7th a critical vulnerability was announced in the Apache Struts framework, a popular web development toolkit that is commonly used…
Chris Wallis
|
min read
March 9, 2017
|
min read
Vulnerabilities and Threats
200,000 websites still affected by three year old security weakness (Heartbleed)

200,000 websites still affected by three year old security weakness (Heartbleed)

The Heartbleed vulnerability, renowned for allowing hackers anywhere on the internet to access encrypted communication between websites and…
Chris Wallis
|
min read
January 24, 2017
|
min read
Vulnerabilities and Threats
Intruder Vulnerability Bulletin — PHPMailer, SwiftMailer & ZendFramework Code Execution Vulnerabilities

Intruder Vulnerability Bulletin — PHPMailer, SwiftMailer & ZendFramework Code Execution Vulnerabilities

A number of vulnerabilities were recently discovered, which affect email sending functionality in the following software libraries:
David Robinson
|
min read
January 3, 2017
|
min read
Vulnerabilities and Threats
Intruder Vulnerability Bulletin — PHPMailer Code Execution Vulnerability

Intruder Vulnerability Bulletin — PHPMailer Code Execution Vulnerability

A vulnerability in the PHPMailer library was recently discovered, which affects versions of the software before 5.2.18.
David Robinson
|
min read
December 27, 2016
|
min read
Vulnerabilities and Threats
Memcached Code Execution Vulnerabilities — Intruder Vulnerability Bulletin

Memcached Code Execution Vulnerabilities — Intruder Vulnerability Bulletin

A number of new vulnerabilities in Memcached were recently discovered, which affect versions of the software before 1.4.33.
David Robinson
|
min read
November 2, 2016
|
min read
Vulnerabilities and Threats
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Sign up for your free 14-day trial

Start today