Phoenix Security https://phoenix.security/ Contextualize Prioritize and ACT ON RISK Mon, 16 Mar 2026 15:47:29 +0000 en-GB hourly 1 https://wordpress.org/?v=6.7.2 https://phoenix.security/media/Favicon-1-150x150.png Phoenix Security https://phoenix.security/ 32 32 Open-Sourcing the Security Practitioner’s AI Toolkit: Phoenix Security Skills for Claude Code https://phoenix.security/phoenix-security-claude-code-skills/ Tue, 10 Mar 2026 15:47:45 +0000 https://phoenix.security/?p=40631 AI coding tools are everywhere. Most security teams use them for autocomplete. These skills do something different: structured, context-rich workflows that produce practitioner-grade security outputs.

The post Open-Sourcing the Security Practitioner’s AI Toolkit: Phoenix Security Skills for Claude Code appeared first on Phoenix Security.

]]> Phoenix Security Launches AI-Powered Remediation Engine: Surgical Container-to-Code Fixes Without Deploying a Single Agent #2 https://phoenix.security/phoenix-ai-remediation-engine-container-security-2/ Tue, 10 Mar 2026 15:47:45 +0000 https://phoenix.security/phoenix-ai-remediation-engine-container-security-2/ Phoenix Security announced the general availability of its AI-powered Remediation Engine, enabling agentless container vulnerability remediation aligned with CTEM principles. By correlating container lineage to build files, the platform reduces SCA noise by up to 91% and generates precise remediation actions engineers and AI agents can execute instantly.

The post Phoenix Security Launches AI-Powered Remediation Engine: Surgical Container-to-Code Fixes Without Deploying a Single Agent #2 appeared first on Phoenix Security.

]]> Remediation Is a Design Constraint: The Phoenix Security Philosophy https://phoenix.security/remediation-first-vulnerability-management-2/ Mon, 09 Mar 2026 10:49:43 +0000 https://phoenix.security/?p=40613 Phoenix Security approaches vulnerability management as a remediation engineering problem. By combining reachability analysis, contextual deduplication, and minimal-impact upgrades, Phoenix transforms hundreds of findings into a small set of changes engineers can actually ship.

The post Remediation Is a Design Constraint: The Phoenix Security Philosophy appeared first on Phoenix Security.

]]> SANDWORM MODE: Stop the Sha1-Hulud-Style NPM Worm Poisoning DevSecOps and AI Toolchains https://phoenix.security/sandworm-mode-npm-supply-chain-worm/ Mon, 23 Feb 2026 10:58:04 +0000 https://phoenix.security/?p=40498 SANDWORM_MODE weaponizes typosquatting, CI injection, and AI toolchain poisoning to steal credentials and propagate across repositories.

The post SANDWORM MODE: Stop the Sha1-Hulud-Style NPM Worm Poisoning DevSecOps and AI Toolchains appeared first on Phoenix Security.

]]> Phoenix Security Named Leader in Application Security Management 2026 https://phoenix.security/continuous-threat-exposure-management-2026/ Thu, 19 Feb 2026 14:54:31 +0000 https://phoenix.security/?p=40466 The 2026 Latio Application Security Market Report signals a decisive shift from traditional ASPM to Continuous Threat Exposure Management (CTEM), redefining how enterprises reduce exposure, validate runtime risk, and drive remediation at scale.

The post Phoenix Security Named Leader in Application Security Management 2026 appeared first on Phoenix Security.

]]> Phoenix Security Named Application Security Management Leader 2026 by Latio https://phoenix.security/application-security-management-leader-2026-latio/ Wed, 18 Feb 2026 13:50:02 +0000 https://phoenix.security/?p=40459 Phoenix Security named Application Security Management Leader 2026 by Latio, recognized for enterprise attribution, code-to-cloud visibility, and measurable vulnerability noise reduction across global organizations.

The post Phoenix Security Named Application Security Management Leader 2026 by Latio appeared first on Phoenix Security.

]]> Remediation That Actually Lands: How Phoenix Security Turns Findings Into Fixes https://phoenix.security/remediation-first-vulnerability-management/ Mon, 16 Feb 2026 10:50:27 +0000 https://phoenix.security/?p=40323 Phoenix Security turns thousands of vulnerability findings into a small set of high-impact remediation actions by prioritizing what is reachable, exploitable, and business-critical.

The post Remediation That Actually Lands: How Phoenix Security Turns Findings Into Fixes appeared first on Phoenix Security.

]]> Beat Sha1-Hulud 3.0 Before It Ships Your Secrets https://phoenix.security/sha1-hulud-v3-npm-supply-chain-attack/ Mon, 05 Jan 2026 16:36:46 +0000 https://phoenix.security/?p=38549 Sha1-Hulud V3.0 is not a typical vulnerability — it’s a malicious npm package that executes on install, steals CI and cloud credentials, and weaponizes npm and GitHub tokens to spread further. If it touched your build system, assume compromise.

The post Beat Sha1-Hulud 3.0 Before It Ships Your Secrets appeared first on Phoenix Security.

]]> MongoBleed: CVE-2025-14847 Memory Corruption in MongoDB. Your Database Talks Back https://phoenix.security/mongobleed-vulnerability-cve-2025-14847/ Mon, 29 Dec 2025 12:14:31 +0000 https://phoenix.security/?p=38475 A compression bug in MongoDB turns a core database feature into a silent data exfiltration channel. CVE-2025-14847, nicknamed MongoBleed, allows remote attackers to extract uninitialized heap memory without credentials. With zlib enabled by default and tens of thousands of instances exposed online, this is a real-world data breach waiting to happen.

The post MongoBleed: CVE-2025-14847 Memory Corruption in MongoDB. Your Database Talks Back appeared first on Phoenix Security.

]]> MongoBleed Vulnerability: CVE-2025-14847 in MongoDB MongoBleed vulnerability (CVE-2025-14847) leaks MongoDB heap memory without auth via zlib. See affected versions, exposure, and fixes. Application Security,ASPM,CVE-2025-14847,DevSecOps,MongoBleed,MongoDB,resources,vuln_weekly,vulnerabilities,vulnerability,Vulnerability Management,vulnerability News,Vulnerability Weekly,MongoBleed vulnerability Cisco Kenna Security end of life: how to replace Kenna Security with modern CTEM-ready unified vulnerability management https://phoenix.security/cisco-kenna-security-eol-replacement-guide/ Sun, 21 Dec 2025 15:15:09 +0000 https://phoenix.security/?p=38408 Cisco Kenna Security is going end of life. Learn the EOL dates, what stops updating, and how to replace Kenna Security with a modern CTEM-ready, unified vulnerability management platform.

The post Cisco Kenna Security end of life: how to replace Kenna Security with modern CTEM-ready unified vulnerability management appeared first on Phoenix Security.

]]> React2Shell CVE-2025-55182 plus CVE-2025-55184 Ddos: Exploitation update, In-the-Wild Abuse, update IOCs, exploited target, threat actors and scanning resources https://phoenix.security/react2shell-cve-2025-55182-exploitation/ Sun, 14 Dec 2025 21:16:40 +0000 https://phoenix.security/?p=38337 React2Shell is a pre-auth, single-request RCE in React Server Components that turned Next.js App Router deployments into high-value internet targets overnight. This write-up breaks down the exploit chain, what attackers do after landing, and the fast-moving follow-up CVEs that forced teams to patch again.

The post React2Shell CVE-2025-55182 plus CVE-2025-55184 Ddos: Exploitation update, In-the-Wild Abuse, update IOCs, exploited target, threat actors and scanning resources appeared first on Phoenix Security.

]]> React2Shell CVE-2025-55182 plus CVE-2025-55184 Ddos: Exploitation update, In-the-Wild Abuse, update IOCs, exploited target, threat actors and scanning resources - Phoenix Security Deep technical analysis of React2Shell (CVE-2025-55182) in React Server Components: unsafe deserialization, exploitation workflow, affected versions, in-the-wild campaigns, and follow-up CVEs (CVE-2025-55184, CVE-2025-67779, CVE-2025-55183). Includes practical detection, temporary protections, and how Phoenix Security ASPM correlates external attack surface, code scanning, attribution, and exploitation intel. Application Security,ASPM vuln_news,CVE,CVE-2025-55182,exploitation,react2shell,react4shell,resources,vuln_weekly,vulnerabilities,vulnerability,vulnerability News,Vulnerability Weekly,React2Shell React2Shell / React4Shell Resources: CVE-2025-55182 (React RSC Flight) and CVE-2025-66478 (Next.js App Router) with IOCs, exploitability updates, and scanning links https://phoenix.security/react2shell-resources/ Mon, 08 Dec 2025 13:49:28 +0000 https://phoenix.security/?p=38311 React4Shell (also tracked as React2Shell and “Freight Night”) turns React Server Components into an unauthenticated remote code execution path via the Flight protocol. Public PoCs are circulating, scanning is spiking, and large-scale exploitation has already been reported. Patch fast, then verify what’s actually running.

The post React2Shell / React4Shell Resources: CVE-2025-55182 (React RSC Flight) and CVE-2025-66478 (Next.js App Router) with IOCs, exploitability updates, and scanning links appeared first on Phoenix Security.

]]>