Clear-text credentials retrievable with IP modification for connectors
CVSSv3 Score: 4.1
A Storing Passwords in a Recoverable Format vulnerability in FortiSOAR may allow an authenticated remote attacker to...
Cleartext Credentials in response for API endpoints
CVSSv3 Score: 6.2
A Cleartext Transmission of Sensitive Information vulnerability in FortiSOAR may allow an authenticated attacker to view cleartext...
Arbitrary directory delete on vmimages delete feature
CVSSv3 Score: 6.2
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FortiSandbox, FortiSandbox Cloud,...
Axios npm Package Compromised
On March 31, 2026, the Axios npm package was compromised via a maintainer account takeover. Two malicious versions were published - axios@1.14.1 and...
Clear-text credentials retrievable with IP modification for LDAP
CVSSv3 Score: 4.1
A Storing Passwords in a Recoverable Format vulnerability in FortiSOAR may allow an authenticated remote attacker to...
Multiple SQL Injections
CVSSv3 Score: 7.1
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FortiClientEMS may...
A New Way to Buy Recorded Future: Solutions and Packages Built for the 2026...
Recorded Future is now offering four solutions covering cyber operations, digital risk protection, third-party risk, and payment fraud. Three...
Iran War: Future Scenario and Business Implications
The Iran situation remains volatile and uncertain, with material impacts for organizations. Leaders should plan for multiple future scenarios, prioritizing resilience and effective...
13th April – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 13th April, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
The Los Angeles...
Booking.com warns customers of hack that exposed their data
Undisclosed number of names and contact and reservation details accessed in latest cybercrime attemptThe accommodation reservation website Booking.com has suffered a data breach with...
Latest article
New EDRChoker Tool Uses Policy-Based Quality of Service to Block EDR Processes
A newly released open-source red team tool called EDRChoker introduces a novel technique for silencing cloud-connected Endpoint Detection and Response (EDR) agents not by killing their...
CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Information published. - Read more
Baker Distributing – 102,935 breached accounts
In May 2026, the HVAC/R wholesale distributor Baker Distributing Company was added to the ShinyHunters data extortion group's "pay or leak" site. In early...
AI Upgrades, Security Flaws, and SpaceX’s Record IPO Define the Week in Tech
See what you missed in Daily Tech Insider from June 1–5.
The post AI Upgrades, Security Flaws, and SpaceX’s Record IPO Define the Week in...
