The Shadowserver Foundation
LightNews LightNews
shadowserver.bsky.social
The Shadowserver Foundation
@shadowserver.bsky.social
4.9K followers 0 following 750 posts
Our mission is to make the Internet more secure by bringing to light vulnerabilities, malicious activity and emerging threats. Join our Alliance!
https://shadowserver.org/partner
Posts Replies Media Videos
shadowserver.bsky.social
Update to latest SmarterMail version (Build 9413 and later): www.smartertools.com/smartermail/...

#CyberCivilDefense
SmarterTools Incorporated
Our business email server, team chat, online help desk and web analytics software will help your business succeed. For business or personal users worldwide.
www.smartertools.com
January 13, 2026 at 12:30 PM
shadowserver.bsky.social
NVD entry: nvd.nist.gov/vuln/detail/...

Singapore CSA advisory: www.csa.gov.sg/alerts-and-a...

CVE-2025-52691 Tracker: dashboard.shadowserver.org/statistics/c...

SmarterMail exposure tracker (not a vulnerability assessment):
dashboard.shadowserver.org/statistics/i...
NVD - CVE-2025-52691
nvd.nist.gov
January 13, 2026 at 12:30 PM
shadowserver.bsky.social
IP data shared in Vulnerable HTTP reporting: shadowserver.org/what-we-do/n...
CRITICAL: Vulnerable HTTP Report | The Shadowserver Foundation
DESCRIPTION LAST UPDATED: 2026-01-09 DEFAULT SEVERITY LEVEL: CRITICAL This report identifies hosts that have the Hypertext Transfer Protocol (HTTP) service running on some port that may have a vulnera...
shadowserver.org
January 12, 2026 at 5:18 PM
shadowserver.bsky.social
Note this is a version based scan. If you receive an alert from us make sure to update!

Vulnerability details: www.cyera.com/research-lab...
NVD - CVE-2026-21858
nvd.nist.gov
January 10, 2026 at 8:18 PM
shadowserver.bsky.social
Thank you to Validin for the collaboration on the scan!

Dashboard World Map view:
dashboard.shadowserver.org/statistics/c...

CVE-2026-21858 Tracker:
dashboard.shadowserver.org/statistics/c...

Advisory with patch info: github.com/n8n-io/n8n/s...

NVD entry: nvd.nist.gov/vuln/detail/...
World map · General statistics · The Shadowserver Foundation
dashboard.shadowserver.org
January 10, 2026 at 8:18 PM
shadowserver.bsky.social
CVE-2020-12812 is also on CISA KEV.

Dashboard World Map view:
dashboard.shadowserver.org/statistics/c...

Dashboard Tree Map view:
dashboard.shadowserver.org/statistics/c...

Original Fortinet advisory from July 2020: www.fortiguard.com/psirt/FG-IR-...

#CyberCivilDefense
World map · General statistics · The Shadowserver Foundation
dashboard.shadowserver.org
January 2, 2026 at 11:10 AM
shadowserver.bsky.social
Note FPs on CVE-2025-14847 tagging may be possible due to backporting patches without bumping versions.

IP data on exposed instances is shared daily since Feb 2015!

To view exposed info on Dashboard select source 'scan' 'scan6' & tag 'mongodb' dashboard.shadowserver.org/statistics/c...
Time series · General statistics · The Shadowserver Foundation
dashboard.shadowserver.org
December 29, 2025 at 7:45 PM
shadowserver.bsky.social
#CyberCivilDefense
December 29, 2025 at 7:36 PM
shadowserver.bsky.social
Advisory & patch details on CVE-2025-14847 can be found at jira.mongodb.org/browse/SERVE...

If you receive an alert from us, check for compromise!

Upgrade to 8.2.3, 8.0.17, 7.0.28, 6.0.27, 5.0.32, or 4.4.30.
Loading...
jira.mongodb.org
December 29, 2025 at 7:36 PM
shadowserver.bsky.social
Most affected (most unpatched IPs): US (38.3K), Germany (14K), Italy (12.3K)

CVE-2025-14733 World Map view: dashboard.shadowserver.org/statistics/c...

CVE-2025-14733 Tracker: dashboard.shadowserver.org/statistics/c...

#CyberCivilDefense
Tree map · General statistics · The Shadowserver Foundation
dashboard.shadowserver.org
December 21, 2025 at 6:42 PM
shadowserver.bsky.social
We share daily IP data in our Vulnerable ISAKMP Report, tagged 'cve-2025-14733': www.shadowserver.org/what-we-do/n...

CVE-2025-14733 is reported exploited in the wild & on US CISA KEV: www.cisa.gov/known-exploi...

If you receive a report from us, check for signs of compromise as well
December 21, 2025 at 6:42 PM
shadowserver.bsky.social
We also shared fingerprinted instances in our Device Identification Report (device_vendor Cisco, device_model "Cisco Secure Email Gateway" or "Cisco Secure Email and Web Manager")

www.shadowserver.org/what-we-do/n...
INFO: Device Identification Report | The Shadowserver Foundation
DESCRIPTION LAST UPDATED: 2023-12-06 DEFAULT SEVERITY LEVEL: INFO This report contains a list of devices we have identified in our daily Internet scans. The assessment is made based on all our Interne...
www.shadowserver.org
December 20, 2025 at 6:31 PM
shadowserver.bsky.social
Data shared in our Vulnerable HTTP Report, tagged 'cve-2025-20393': www.shadowserver.org/what-we-do/n...

Dashboard Tree Map view (CVE-2025-20393): dashboard.shadowserver.org/statistics/c...
December 20, 2025 at 6:31 PM
shadowserver.bsky.social
Fortinet Advisory:
fortiguard.fortinet.com/psirt/FG-IR-...

See also: arcticwolf.com/resources/bl...

#CyberCivilDefense
PSIRT | FortiGuard Labs
None
fortiguard.fortinet.com
December 19, 2025 at 12:12 PM
shadowserver.bsky.social
Dashboard World Map: dashboard.shadowserver.org/statistics/i...

Dashboard Tree Map overview:
dashboard.shadowserver.org/statistics/i...

Exposure tracker:
dashboard.shadowserver.org/statistics/i...

Device ID Report:
www.shadowserver.org/what-we-do/n...
World map · IoT device statistics · The Shadowserver Foundation
dashboard.shadowserver.org
December 19, 2025 at 12:12 PM