Fortinet discloses second firewall auth bypass patched in January
Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already…
Category: Bleeping Computer
Google fixes flaw that could unmask YouTube users’ email addresses
Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using…
How TruGrid Simplifies RDP Deployment, Security, and Compliance
While the first article outlined why VPNs are risky and cloud-based RDP is a superior alternative, this article will take a closer look at what…
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named ‘Sarcoma’ has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. The cybercriminals…
DPRK hackers dupe targets into typing PowerShell commands as admin
North Korean state actor ‘Kimsuky’ (aka ‘Emerald Sleet’ or ‘Velvet Chollima’) has been observed using a new tactic inspired from the now widespread ClickFix campaigns.…
BadPilot network hacking campaign fuels Russian SandWorm attacks
A subgroup of the Russian state-sponsored hacking group APT44, also known as ‘Seashell Blizzard’ and ‘Sandworm’, has been targeting critical organizations and governments in a…
Ivanti fixes three critical flaws in Connect Secure & Policy Secure
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to address multiple vulnerabilities, including…
Windows 11 KB5051987 & KB5051989 cumulative updates released
Microsoft has released Windows 11 KB5051987 and KB5051989 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. Both KB5051987 and KB5051989 are…
Windows 10 KB5051974 update force installs new Microsoft Outlook app
Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and…
Fortinet warns of new zero-day exploited to hijack firewalls
Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. Successful…
Police arrests 2 Phobos ransomware suspects, seizes 8Base sites
A global law enforcement operation targeting the Phobos ransomware gang has led to the arrest of two suspected hackers in Phuket, Thailand, and the seizure…
SonicWall firewall exploit lets hackers hijack VPN sessions, patch now
Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the…