Risks and Vulnerabilities
Downstream Data: Investigating AI Data Leaks in Flowise
A thousand Flowise instances are exposed to the internet, many of them leaking confidential business data, passwords, and more.
Read more
.jpeg){kind=avatar}
Greg Pollock
December 1, 2025
Beware the Sandworm: The Shai-Hulud Attack Explained
Learn about the Shai-Hulud worm, a self-replicating malware targeting the NPM ecosystem that steals developer credentials and exposes them.
Read more
Edward Kost
September 19, 2025
CVE-2016-10033: Detection and Response Guide for 2025
CVE-2016-10045 is still rearing its ugly head in 2025. Learn how to detect and shut down this risk.
Read more
Edward Kost
July 8, 2025
Data Leakage and Other Risks of Insecure LlamaIndex Apps
UpGuard Research surveyed accessible LlamaIndex chatbots to understand the real-world risks–including one instance leaking PII.
Read more
Greg Pollock
June 12, 2025
Detecting Generative AI Data Leaks from ComfyUI
Generative AI servers are leaking images, workflows, and prompts. Are they creating risk in your AI supply chain?
Read more
Greg Pollock
June 19, 2025
Analyzing llama.cpp Servers for Prompt Leaks
How are generative AI technologies leaking data? In this report we analyse prompt leaks from llama.cpp servers.
Read more
Greg Pollock
July 24, 2025
Critical Middleware Vulnerability in Next.js (CVE-2025-29927)
Learn how to detect CVE-2025-29927, a critical vulnerability in Next.js that allows attackers to easily bypass middleware authorization measures.
Read more
Greg Pollock
July 24, 2025
Understanding and Securing Exposed Ollama Instances
Explore how attackers are exploiting Ollama instances and learn what you can do to secure them across your infrastructure.
Read more
UpGuard Team
March 19, 2025
Using Exposed Ollama APIs to Find DeepSeek Models
Misconfigured AI APIs can expose sensitive data and security risks. See what our research uncovered.
Read more
Greg Pollock
July 24, 2025
Mitel MiCollab Vulnerabilities: CVE-2024-35286 and CVE-2024-41713
Learn how to detect SQL injection and path traversal vulnerabilities across your infrastructure.
Read more
UpGuard Team
July 9, 2025
Understanding CVE-2024-47176: Mitigating CUPS Vulnerabilities
Learn how to detect and mitigate CUPS vulnerabilities, including CVE-2024-47176.
Read more
UpGuard Team
January 16, 2025
ServiceNow Vulnerabilities: CVE-2024-4789 and CVE-2024-5217
Learn about two critical vulnerabilities affecting the ServiceNow platform (CVE-2024-4789 and CVE-2024-5217) and how UpGuard can help.
Read more
Nicholas Sollitto
January 16, 2025
How to Respond: OpenSSH Vulnerability CVE-2024-6387
Learn the best course of action for preventing Remote Code Execution through an exploitation of regreSSHion.
Read more
Edward Kost
July 3, 2025
Email Messaging Protocols and Port Exposure
Learn more about email messaging protocols and how to protect exposed ports.
Read more
Caitlin Postal
July 3, 2025
Internet of Risks: Cybersecurity Risk in the Internet of Things
With the continuing development of the Internet of Things come new attack surfaces and cybersecurity risk directly related to the IoT.
Read more
Caitlin Postal
July 3, 2025
Programmable Logic Controllers and Cybersecurity Risk
Safety and security are critical when using programmable logic controllers for industrial manufacturing and critical infrastructure.
Read more
Caitlin Postal
December 1, 2025
Sign up for our newsletter
UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.
Free instant security score
How secure is your organization?
Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
Instant insights you can act on immediately- Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
