SpiderLabs Blog
Explore the latest threats, critical vulnerability disclosures, cutting-edge research, and intelligence from our elite global threat experts.
LevelBlue SpiderLabs: SQL Injection in Orkes Conductor: CVE-2025-66387
December 18, 2025 | Tim Stamopoulos
Stay Informed
Sign up to receive the latest security news and trends straight to your inbox from LevelBlue.
Understanding DocumentDB’s Network Security Trade-Offs: The VPC Challenge
August 05, 2025 | Selam Gebreananeya
AWS DocumentDB by default is securely isolated within a VPC, unreachable from ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
March 20, 2025 | Karl Biron
In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your ...
Lessons from a Honeypot with US Citizens’ Data
November 13, 2024 | Radoslaw Zdonczyk and Nikita Kazymirskyi
Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team ...
Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928
August 16, 2024 | Karl Biron
In early 2021, a new vulnerability, identified as CVE-2021-27928, was ...