Trimble Cityworks Vulnerability [CVE-2025-0994] added to CISA KEV - 108 devices observed exposing a vulnerable version.

🚨 New threat: BADBOX botnet targets both off-brand and major Android devices, potentially with pre-installed malware. Over 190k infected, including high-end Yandex TVs. Learn how a suspicious SSL cert led to uncovering its infrastructure. #threathunting

🛰️The Salt Typhoon breach is just one of the latest examples of how global threat actors exploit telecom vulnerabilities for espionage, infrastructure disruption, and data theft. Find out how to strengthen defenses and get ahead of evolving risk.

RT @HealthISAC: Mapping Healthcare Risks: Medical Device Exposures Trends webinar by Health-ISAC Navigator, @censysio on Wednesday, Februa…

Participants of the CARISMATICA Cybersecurity Hackathon used Censys to detect vulnerable medical services across multiple countries and notify responsible organizations, helping secure patient data. Read about their experience in our new guest blog.

RT @IST_org: @censysio, whose mission is to be the one place to understand everything on the internet, has joined IST as a gold level spons…

RT @GreyNoiseIO: 🚨 Zero-day Zyxel Vulnerability (CVE-2024-40891) under active exploitation. This unpatched flaw exposes 1,500+ devices, ena…

Censys researchers tracking a recently disclosed zero-day vulnerability in Ivanti Connect Secure discovered hundreds of instances may have been compromised through exploits of CVE-2025-0282. Learn more:

Ransomware and security breaches in healthcare aren’t just costly—they can be life-threatening. Find out how ASM tools provide critical visibility to secure connected devices and patient data. 🏥

Murdoc botnet perspective: we detect 221 infected hosts online, with clusters in Taiwan, Indonesia, and the U.S. Over 36k EOL potentially vulnerable AVTECH cameras are still exposed online.

Discover how leading telecom provider NOS partnered with Censys to find unknown exposures, analyze threat actor infrastructure, and mitigate vulnerabilities in real-time.📶Check out our newest case study to learn more.

The Biden Administration just released a directive on strengthening #cybersecurity for risks such as software acquisition, supply chains, and the need for better detection & response tools. Get our VP of Federal’s take on the new Executive Order:

Despite law enforcement disruption, Volt Typhoon's activity continued through 2024; read more in our new blog: #volttyphoon

🚨 Critical vulnerability CVE-2023-48365 in Qlik Sense Enterprise for Windows is being actively exploited. Censys has identified 11,185 exposed Qlik Sense instances online. Ensure your systems are patched to the latest versions to mitigate this risk.

Several malicious IPs associated with CVE-2024-52875 have been observed in GreyNoise, indicating active exploitation attempts in the wild. GreyNoise query:

🚨 Two vulnerabilities in Mitel MiCollab, highlighted in a December advisory, were added to CISA's list of Known Exploited Vulnerabilities (KEV). Patch immediately to reduce risk. 🔍 Read the updated advisory for a query to identify exposed devices:

Over 70% of organizations faced phishing attacks last year. Are your SSL/TLS certificates leaving you vulnerable? Discover how Censys Search helps you stay ahead of phishing threats.🪝

23,862 GFI KerioControl instances potentially vulnerable to 1-Click RCE [CVE-2024-52875]. Additional information & query available here:

High-priority alert issued by CISA for actively exploited vulnerability in Palo Alto Networks PAN-OS [CVE-2024-3393].