Security News

Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs
2025-05-21 15:13

A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and execute...

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems
2025-05-14 04:21

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756,...

Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
2025-05-13 18:38

Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security incident...

Fortinet fixes critical zero-day exploited in FortiVoice attacks
2025-05-13 16:46

Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. [...]

Over 16,000 Fortinet devices compromised with symlink backdoor
2025-04-16 20:47

Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. [...]

Old Fortinet flaws under attack with new method its patch didn't prevent
2025-04-14 05:35

PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three...

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
2025-04-11 17:55

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched....

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks
2025-04-11 16:08

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector...

Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
2025-04-08 17:53

Fortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as...

New kids on the ransomware block channel Lockbit to raid Fortinet firewalls
2025-03-14 11:01

It's March already and you haven't patched? Researchers are tracking a newly discovered ransomware group with suspected links to LockBit after a series of intrusions were reported starting in January.…