Velaris Threat Research Masthead

Velaris is Centripetal’s elite intelligence team, inspired by the Roman velarium—a protective canopy shielding crowds from the elements. Velaris transforms global threat intelligence into clear decisions and real-time action, turning deep research into decisive protection.

Security Bulletin September 25

NPM Compromises Expose Critical Weakness in the Software Supply Chain

In September 2025, two major NPM compromises exposed the fragility of the software supply chain—from phishing-driven credential theft to the wormable Shai-Hulud attack. This bulletin details how open-source trust was exploited and the risks for defenders.

Learn More

August 28, 2025

By Bruce Skillern

Microsoft Exchange Hybrid Vulnerability Exposes Path to 365 Compromise

A high-severity flaw, CVE-2025-53786, affects Microsoft Exchange Hybrid and enables attackers to escalate privileges in Microsoft 365 Learn More

July 25, 2025

By Nithin Ravi

Critical NetScaler Flaw Exposes Sensitive Memory Contents to Remote Attackers

CVE-2025-5777, or CitrixBleed 2, is a memory overread vulnerability in NetScaler ADC and NetScaler Gateway that exposes sensitive data to unauthenticated remote attackers. This vulnerability demands immediate patching. Learn More

Security Bulletins

View All

July 25, 2025

By Aileen Ward

Attackers Leverage SharePoint Zero-Day RCE to Gain Complete Server Access

Learn More

July 24, 2025

By Bruce Skillern

Threat Actors Abuse NetBird in Spear-Phishing Campaign Targeting Finance Executives

Learn More

July 16, 2025

By Daniel Rogers

Discord Invites Are Leveraged in Malware Distribution

Learn More

Know what’s coming. 
Stop what’s next.

Sign up for our free threat alert bulletin service here.

The Cybercrime Barrier Your Organization Deserves

Sign up for a custom demonstration from our security team of how we bring together the best minds and most complete collection of threat intelligence to provide you with a shocking level of relief. 

Get A Demo