AWS Security Hub is expanding to unify security operations across multicloud environments

After talking with many customers, one thing is clear: the security challenge has not gotten easier. Enterprises today operate across a complex...

CVE-2026-21262 SQL Server Elevation of Privilege Vulnerability

Improper access control in SQL Server allows an authorized attacker to elevate privileges over a network.

Honeywell IQ4x BMS Controller

Successful exploitation of this vulnerability could allow an unauthorized attacker to access controller management settings, control components, disclose information, or cause a denial-of-service...

BeatBanker: A dual‑mode Android Trojan

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play...

Buffer overflow via fgtupdates service

CVSSv3 Score: 7.0. A Stack-based Buffer Overflow vulnerability in FortiManager fgtupdates service may allow a remote unauthenticated attacker to execute...

Lack of TLS Certificate Validation during initial SSO Authentication

CVSSv3 Score: 6.3. An improper certificate validation vulnerability in the FortiManager GUI may allow a remote unauthenticated attacker to view...

Privilege escalation using undocumented CLI command

CVSSv3 Score: 6.4. An Inclusion of Undocumented Features in FortiManager and FortiAnalyzer CLI may allow a remote authenticated read-only admin...

OS command injection on vmimages update feature

CVSSv3 Score: 6.7. An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in FortiSandbox...

Buffer Overflow in LLDP OUI field

CVSSv3 Score: 7.7. A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FortiSwitchAXFixed may allow an...

MFA Bypass in GUI

CVSSv3 Score: 6.8. An authentication bypass using an alternate path or channel vulnerability in FortiManager and FortiAnalyzer multifactor authentication may...

Latest article

Criminal IP at Infosecurity Europe 2026: Introducing AITEM, the Next Chapter of Attack Surface...

Torrance, United States / California, June 11th, 2026, CyberNewswire: Criminal IP by AI SPERA, a cyber threat intelligence platform delivering decision-ready intelligence and attack...

Readers reply: Experts say we should use passkeys, but can a smartphone pin really...

The long-running series in which readers answer other readers’ questions on subjects ranging from trivial flights of fancy to profound scientific and philosophical concepts. This...

Weekly Metasploit Update: New Kerberos/Certificate tracing options, and multiple new modules

New Tracing Options: As hard as we try to ensure that Metasploit is bug free, issues inevitably come up. Whether you’re running a module on...