Canary Exploit Tool for CVE-2025-30065 Apache Parquet Avro Vulnerability
Investigating a schema parsing concern in the parquet-avro module of Apache Parquet Java. - Read more
Commvault Command Center Path Traversal Vulnerability
FortiGuard Labs has detected persistent attempts to exploit the Commvault Command Center path traversal vulnerability, identified as CVE-2025-34028. If attacks succeed, they could achieve...
How Pebble Supports ACME Client Developers
How Pebble Supports ACME Client Developers
Together with the IETF community, we created the ACME standard to support completely automated certificate issuance. This open standard...
Elastic Security simplifies customization of prebuilt SIEM detection rules
Learn about the prebuilt rule editing capabilities that allow you to get even more value from out-of-the-box SIEM detection rules. - Read more
From endpoint to XDR: Operationalize Microsoft Defender for Endpoint data in Elastic Security
Elastic Security integrates with MDE data to enhance visibility, threat detection, and response. Additional features include Elastic AI Assistant, which uses contextual AI to...
Elastic extends production-ready AI capabilities for all!
Elastic Security has a lot of generative AI capabilities, but two of them are now generally available for all Elastic users! Learn about Automatic...
Campaign Targets Amazon EC2 Instance Metadata via SSRF
Discover the latest CVE trends and a new campaign targeting websites hosted in EC2 instances on AWS. - Read more
Apache Tomcat RCE
FortiGuard Labs has identified ongoing attack attempts aimed at exploiting the recently discovered Apache Tomcat remote code execution vulnerability, CVE-2025-24813. If successful, attackers could...
Outbreak Alert- Annual Report 2024
In 2024, FortiGuard blocked 3.1 trillion vulnerability exploits and stopped 2.5 billion malware deliveries—fortifying businesses against relentless cyber threats. Stay ahead with the latest...
2025 Advanced Persistent Bot Report: Scraper Bots Deep-Dive
How much do scraper bots affect your industry? - Read more
Latest article
Chromium: CVE-2026-13027 Use after free in FileSystem
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2025) for more information. - Read...
Weekly Metasploit Update: Modules for Audiobookshelf, LiteLLM, Next.js, Dalfox and more
Help shape the future of Metasploit FrameworkWe are planning future work in relation to the evasion capabilities present in Metasploit Framework, and how they...
New DirtyClone Linux Vulnerability Allows Attackers to Gain Root Access Via Cloned Packets
A new Linux kernel local privilege escalation vulnerability, dubbed “DirtyClone” (CVE-2026-43503), that allows unprivileged local users to gain full root access by manipulating cloned...
Hackers Claim French Employment Leak Exposes Over 1M Records, Health Data
Hackers claim 1M+ records tied to French employment apps were exposed, including HR files, health data, worker details, and plaintext passwords.
The post Hackers Claim...
