FortiSIEM:Proof-of-Concept Exploit for Critical Vulnerability Publicly Available

Fortinet has closed a critical FortiSIEM vulnerability. A proof-of-concept exploit increases the likelihood of attacks.

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls.
Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
Dark Reading

Root Evidence Bets on New Concept for Vulnerability Patch Management

Root Evidence is taking a new approach to tackle the pervasive vulnerability patch management problem — and it all comes down to the math. Challenges exist because more and more vulnerabilities are ...
Techzine Europe

RondoDox botnet exploits HPE OneView vulnerability on a massive scale

Check Point Research has identified a coordinated attack campaign targeting CVE-2025-37164, a critical vulnerability in HPE ...

Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level ...
CSOonline

Apache Struts 2 vulnerability discovered, as proof of concept circulates

A new vulnerability found in the Apache Struts 2 framework has received a critical severity rating from NIST’s national database. A new vulnerability in the Struts 2 web application framework can ...