Want to boost your #website’s #security? Check out this awesome new tutorial!
What you'll learn:
• How to set up #CrowdSec + #Caddy step by step
• #Docker Compose examples
• Simple tips to improve your setup
Dive into the video here: https://youtu.be/jlWarrYWV1c?si=RwieKXYZ0BqiNxwK
Big thanks to Genie AJ for sharing this with the #community! 
Exciting news: the #CrowdSec Public Roadmap is now live!
Now you can see what’s coming next, from new features to improvements and upcoming changes.
And the best part? It’s interactive: you can upvote and comment on existing items, and even propose your own ideas.
Check it out here: https://roadmap.crowdsec.net/
Monday Threat Alert: CVE-2025-0108
Here’s your Monday report on immediate and emerging threats, powered by the power of the crowd.
CVE-2025-0108 exploit attempts on the rise
Opportunistic targeting of unpatched or misconfigured systems
The #CrowdSec Network has detected a significant increase in malicious activity targeting CVE-2025-0108, an authentication bypass vulnerability in Palo Alto Networks' PAN-OS software. 
[1/3]
Did you know the CrowdSec WAF can detect CVE-2021-3129 with just one simple rule?
In the past month alone, the #CrowdSec Network identified nearly 1K malicious IPs attempting to exploit this vulnerability. Thanks to our Threat Intelligence feed, these IPs are now flagged and shared across the entire network, giving all users preemptive protection against this threat. 
Want to see how the CrowdSec WAF and CTI feed work together to enhance crowd-powered security?
https://crowdsec.net/blog/how-crowdsec-waf-provides-insights-to-cti
Refer a friend to CrowdSec and get rewarded!
Know someone who would benefit from CrowdSec? Invite them to join, and you’ll both receive rewards! Your support helps grow our community. Safer together.
Refer now: https://contact.crowdsec.net/referral
Tired of dealing with stealthy bot attacks?
Combine Fail2ban + CrowdSec to block malicious IPs in real time. Works flawlessly on Debian & RHEL.
Trend analysis:
The #CrowdSec analysis highlights a significant increase in attacker activity beginning in late March 2025. This aligns with historical patterns of threat actors capitalizing on disclosed vulnerabilities after initial proof-of-concept exploits circulate in underground forums.
How to protect your systems: 
Patch immediately: If you haven’t already, ensure your systems are updated to mitigate CVE-2024-3400.
Monitor traffic: Look for suspicious inbound connections from IPs associated with AS200373.
Deploy the CrowdSec Security Engine: Our community-powered threat intelligence can help you block these malicious IPs in real time.
Check the CrowdSec #CTI feed: Check out a sample of Sweet Orange Gyrfalcon IoCs here: https://app.crowdsec.net/cti?q=classifications.classifications.label%3A%22Attacker+Group%3A+sweet+orange+gyrfalcon%22&page=1
Share awareness: The more organizations take proactive action, the harder it becomes for these attackers to succeed. [4/5]
Wenn /dev/null eine Größenbeschränkung hätte, würde morgen auch die Welt stillstehen…
Get started with the CrowdSec WAF: https://doc.crowdsec.net/docs/next/appsec/intro
Virtual Patching WAF collection: https://app.crowdsec.net/hub/author/crowdsecurity/collections/appsec-virtual-patching [3/3]
WAF in docker
Protezione avanzata con Nginx Proxy Manager, CrowdSec e AppSec
https://blog.marvinpascale.it/posts/2025/waf-docker/
#opensource #linux #utils #docker #pillole-informatiche #sicurezza #crowdsec #UnoOpen #UnoLinux
Wow! @CrowdSec "Community" offering only gets worse and worse!
First, they had raised a paywall around querying details on IP addresses that triggered Alerts. Only 30 queries per week for the "Community".
Now, they have extended that paywall to cover the whole Alerts feature! Only 500 alerts per month for the "Community"!
Where are my logs, @CrowdSec?
Enshitification meets cybersecurity!
Well, I just proved that #crowdsec works. I kicked out myself for 4 hours from my website trying to setup mTLS on nginx.
I spent the whole evening migrating my public sites to the new VPS + #BunkerWeb + #TailScale setup. Apart from a few minor problems, everything worked very well. Tomorrow I will integrate #CrowdSec into BunkerWeb.
But now it's time to sleep 
I have started to migrate from #CloudFlare Tunnel to a VPS + #Tailscale setup. Connection is already established, now I have to decide whether to use #Traefik + #CrowdSec or #BunkerWeb to protect my public Web-Services.
La nueva actualización de #pangolin https://github.com/fosrl/pangolin añade soporte para @CrowdSec en el instalador https://www.youtube.com/watch?v=FXTokUSfOvY . Lo llevo usando un mes y no defrauda, espero que la versión estable pueda estar pronto disponible.
#selfhosting #linux #pangolin #crowdsec
Crowdsec Appsec
Proteggere le nostre applicazioni web
mastodon uno admin 
