CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-20281 Cisco Identity Services Engine Injection Vulnerability CVE-2025-20337 Cisco Identity Services Engine Injection Vulnerability CVE-2023-2533 PaperCut NG/MF Cross-Site Request Forgery (CSRF) Vulnerability These types of vulnerabilities are…
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-54309 CrushFTP Unprotected Alternate Channel Vulnerability CVE-2025-6558 Google Chromium ANGLE and GPU Improper Input Validation Vulnerability CVE-2025-2776 SysAid On-Prem Improper Restriction of XML External Entity Reference Vulnerability…
Detailed analysis of an obfuscated web shell used in a CNI attack. Explores its structure, traffic patterns, and Fortinet’s detection and protection. Source link Author: Fortinet Article used for cyber security disclosure.
FortiGuard Labs uncovers ToolShell, a sophisticated exploit chain targeting Microsoft SharePoint servers using a mix of patched and zero-day CVEs. Learn how attackers deploy GhostWebShell and KeySiphon for stealthy remote code execution and credential theft. Source link Author: Fortinet Article used for cyber security disclosure.
CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-205-01 Mitsubishi Electric CNC Series ICSA-25-205-02 Network Thermostat X-Series WiFi Thermostats ICSA-25-205-03 Honeywell Experion PKS ICSA-25-205-04 LG Innotek Camera…
Sovereign SASE enables organizations to meet data residency, privacy, and operational requirements without compromising security, user experience, or scalability. Source link Author: Fortinet Article used for cyber security disclosure.
Following the Israel-Iran ceasefire, FortiGuard Labs uncovered a phishing campaign posing as a private jet evacuation service from Tel Aviv to New York. Learn how attackers used crisis-driven fear to steal personal and financial data. Source link Author: Fortinet Article used for cyber security disclosure.
Fortinet is once again delivering cutting-edge innovations to protect against emerging threats by rolling out quantum-safe features to FortiOS. Source link Author: Fortinet Article used for cyber security disclosure.
