Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS,... Read more »

JDY botnet scans SOHO/IoT devices globally to map services and targets, especially US military networks. Lumen’s Black Lotus Labs reported the resurgence of the JDY botnet, a covert reconnaissance... Read more »

Despite a 2025 patch, Russian-linked groups still exploit a WinRAR flaw (CVE-2025-8088) to deploy malware via phishing archives. CVE-2025-8088 is a path traversal flaw in WinRAR that lets an... Read more »

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog. The U.S.... Read more »

The researcher Chaotic Eclipse released a PoC for the RoguePlanet Microsoft Defender zero-day, which can grant SYSTEM privileges on fully patched Windows systems. Security researcher Chaotic Eclipse, also known... Read more »

A study by the University of Toronto shows how artificial intelligence can power autonomous worms capable of tailoring attacks against Windows, Linux and IoT devices. A group of researchers... Read more »

France’s government chat app Tchap was breached after a single account was compromised, exposing messages and data from public channels. Tchap, the encrypted messaging platform developed by the French... Read more »

Microsoft Patch Tuesday security updates for June 2026 fix a record 208 CVEs, including one actively exploited zero-day and multiple critical RCE flaws. Microsoft Patch Tuesday security updates for... Read more »