Ending TLS Client Authentication Certificate Support in 2026
Let’s Encrypt will no longer include the “TLS Client Authentication” Extended Key Usage (EKU) in our certificates beginning in 2026. Most users who use...
CrushFTP Authentication Bypass Attack
FortiGuard Labs has identified ongoing and persistent attack attempts in the wild that are aimed at exploiting CVE-2025-31161, which is an authentication bypass vulnerability...
Canary Exploit Tool for CVE-2025-30065 Apache Parquet Avro Vulnerability
Investigating a schema parsing concern in the parquet-avro module of Apache Parquet Java. - Read more
Commvault Command Center Path Traversal Vulnerability
FortiGuard Labs has detected persistent attempts to exploit the Commvault Command Center path traversal vulnerability, identified as CVE-2025-34028. If attacks succeed, they could achieve...
How Pebble Supports ACME Client Developers
How Pebble Supports ACME Client Developers
Together with the IETF community, we created the ACME standard to support completely automated certificate issuance. This open standard...
From endpoint to XDR: Operationalize Microsoft Defender for Endpoint data in Elastic Security
Elastic Security integrates with MDE data to enhance visibility, threat detection, and response. Additional features include Elastic AI Assistant, which uses contextual AI to...
Elastic extends production-ready AI capabilities for all!
Elastic Security has a lot of generative AI capabilities, but two of them are now generally available for all Elastic users! Learn about Automatic...
Campaign Targets Amazon EC2 Instance Metadata via SSRF
Discover the latest CVE trends and a new campaign targeting websites hosted in EC2 instances on AWS. - Read more
Apache Tomcat RCE
FortiGuard Labs has identified ongoing attack attempts aimed at exploiting the recently discovered Apache Tomcat remote code execution vulnerability, CVE-2025-24813. If successful, attackers could...
Outbreak Alert- Annual Report 2024
In 2024, FortiGuard blocked 3.1 trillion vulnerability exploits and stopped 2.5 billion malware deliveries—fortifying businesses against relentless cyber threats. Stay ahead with the latest...
Latest article
Siemens KACO Blueplanet Inverters
View CSAF
Summary
KACO blueplanet Inverters contain multiple vulnerabilities that could allow an attacker to derive the credentials from the devices serial number and misuse them...
Windows Netlogon Remote Code Execution Vulnerability
What is the Vulnerability? A critical vulnerability, CVE-2026-41089, affecting the Windows...
Attackers exploiting unpatched Cisco SD-WAN flaw
Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has...
ICYMI: May 2026 @AWS Security
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts,...
