Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...

Betterment Customer Data Exposed in Crypto Scam Hack

The breach occurred through a compromised third-party marketing platform, allowing attackers to impersonate the trusted ...

VMware ESXi zero-days likely exploited a year before disclosure

Chinese-speaking threat actors used a compromised SonicWall VPN appliance to deliver a VMware ESXi exploit toolkit that seems to have been developed more than a year before the targeted ...
Dark Reading

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

A zero-day vulnerability in WatchGuard Firebox firewalls is under active exploitation, marking the latest attacks against edge devices this month. WatchGuard disclosed the vulnerability, tracked as ...
The Conversation

The #iwasfifteen hashtag and ongoing Epstein coverage show how traffickers exploit the vulnerabilities of teens and tweens

Anne P. DePrince has received funding from the Department of Justice, National Institutes of Health, State of Colorado, and University of Denver. She has received honoraria for giving presentations ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Network World

WatchGuard fixes ‘critical’ zero-day allowing firewall takeover

WatchGuard has issued an urgent patch alert for its Firebox firewall appliances after discovering a critical-rated vulnerability that is under exploit by threat actors. Tracked as CVE-2025-14733, with ...