Real-time malware defense: Leveraging AWS Network Firewall active threat defense

This AWS blog post explains how MadPot honeypots feed real-time intelligence into AWS Active Threat Defense for Network Firewall to rapidly detect and block multi-stage attacks. It presents a documented campaign exploiting CVE-2025-48703 against Control Web Panel to deliver Mythic C2, including sample HTTP exploit payloads, staging URLs, IPs, listener ports, and SHA256 hashes, and describes how Network Firewall rules mitigate each stage of the attack.