CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability CVE-2025-4664 Google Chromium Loader Insufficient Policy Enforcement Vulnerability CVE-2025-42999 SAP NetWeaver Deserialization Vulnerability These types of vulnerabilities are frequent attack…
The VanHelsing ransomware was first identified in March 2025 and uses TOR sites for ransom negotiations and data leaks. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
CISA released twenty-two Industrial Control Systems (ICS) advisories on May 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-135-01 Siemens RUGGEDCOM APE1808 Devices ICSA-25-135-02 Siemens INTRALOG WMS ICSA-25-135-03 Siemens BACnet ATEC Devices ICSA-25-135-04 Siemens Desigo ICSA-25-135-05 Siemens…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-32756 Fortinet Multiple Products Stack-Based Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal…
Learn more about what approach organizations should take in the face of a new era of cybercrime. Source link Author: Fortinet Article used for cyber security disclosure.
Starting May 12, CISA is changing how we announce cybersecurity updates and the release of new guidance. These announcements will only be shared through CISA social media platforms and email and will no longer be listed on our Cybersecurity Alerts & Advisories webpage. The focus…
FortiGuard Labs observed a phishing campaign “Horabot” resurfacing with a sophisticated multi-stage attack, blending phishing, credential theft, and propagation. Learn more. Source link Author: Fortinet Article used for cyber security disclosure.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-6047 GeoVision Devices OS Command Injection Vulnerability CVE-2024-11120 GeoVision Devices OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…
