SSRF in GUI console

CVSSv3 Score: 3.4. A Server-Side Request Forgery (SSRF) vulnerability in FortiSandbox may allow an authenticated attacker to proxy internal requests...

Authenticated SQL injection in API endpoint

CVSSv3 Score: 6.8. An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in FortiClientEMS may...

Arbitrary file deletion in administrative interface

CVSSv3 Score: 5.7. An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in FortiVoice may allow a...

Unauthenticated remote command injection

CVSSv3 Score: 9.4. An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in FortiSIEM...

Heap-based buffer overflow in cw_acd daemon

CVSSv3 Score: 7.4. A heap-based buffer overflow vulnerability in FortiOS and FortiSwitchManager cw_acd daemon may allow a remote unauthenticated attacker...

Unveiling VoidLink – A Stealthy, Cloud-Native Linux Malware Framework

Key takeaways: VoidLink is an advanced malware framework made up of custom loaders, implants, rootkits, and modular plugins designed to maintain long-term access to...

Fall 2025 PCI DSS compliance package available now

Amazon Web Services (AWS) is pleased to announce that two additional AWS services and one additional AWS Region have been added to...

Shape the future in Sydney: Forge the Future hackathon

Elastic hackathon judge Nils Thomsen explains why Sydney’s Forge the Future hackathon is your chance to hack for good with AI. He seeks solutions...

Latest article

23 ClawHub Plugins Abuse Official Org Scopes to Impersonate Trusted AI Agent Tools

A new supply chain threat has surfaced in the AI agent ecosystem that is both subtle and serious. Researchers uncovered 23 plugins on...

New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available

Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access.

AI-powered cyber attacks may be just months away, warn Five Eyes

Frontier AI models will pose a greater cyber security risk to government and businesses than previously thought, putting businesses and governments at risk within...

AWS Continuum offers devs help with securing code

AI coding agents are making it easier than ever to produce software. Ensuring that software is secure before deployment is...