Network Security

Researchers Null-Route More Than 550 Kimwolf and Aisuru Botnet Command Servers

Security researchers have disrupted a major botnet operation after null-routing traffic linked to more than 550 command-and-control servers tied to the AISURU and Kimwolf botnets. The takedown was carried out by Black Lotus Labs, the threat intelligence arm of Lumen Technologies, and began in early October 2025. These botnets have rapidly grown into some of the largest active malicious […]

Fortinet Patches Critical FortiSIEM Vulnerability Allowing Unauthenticated Remote Code Execution

Fortinet has released security updates to address a critical vulnerability in FortiSIEM that could allow unauthenticated attackers to execute arbitrary code on affected systems. The flaw poses a serious risk to organizations using vulnerable FortiSIEM deployments, particularly those with exposed management services. Vulnerability Overview: The issue, tracked as CVE-2025-64155, carries a CVSS score of 9.4, indicating critical

Fog Ransomware Targets US Organizations Using Compromised VPN Credentials

A new ransomware variant known as Fog has emerged as a notable threat to organizations in the education and recreation sectors across the United States. Overview of the Threat: Starting in early May 2024, Arctic Wolf Labs began monitoring Fog ransomware in multiple incident response cases. Approximately 80 percent of affected organizations operate in education,

Cisco Switches Affected by Reboot Loops Caused by DNS Client Bug

Several Cisco switch models are unexpectedly entering reboot loops after reporting critical DNS client errors, according to recent reports compiled by BleepingComputer. The issue appears to have started around 2 AM, when a firmware problem in the switches’ DNS client service began treating DNS lookup failures as fatal errors. This caused the affected switches to

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro has issued urgent security updates for multiple vulnerabilities affecting on-premises Windows deployments of Apex Central, including a critical flaw that could allow attackers to execute arbitrary code with elevated privileges. The most severe issue, tracked as CVE-2025-69258, has been assigned a CVSS score of 9.8, placing it among the highest-risk vulnerabilities. According to Trend

Cisco Patches ISE Security Flaw Following Public PoC Exploit Release

Cisco has issued updates to fix a medium-severity vulnerability affecting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), after a publicly available proof-of-concept (PoC) exploit was released. The flaw, tracked as CVE-2026-20029 with a CVSS score of 4.9, resides in the licensing functionality and could allow a remote, authenticated attacker with administrative

Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability

Fortinet has reported active abuse of a long-standing security vulnerability in FortiOS SSL VPN that allows bypassing two-factor authentication (2FA) under specific configurations. The flaw, tracked as CVE-2020-12812 with a CVSS score of 5.2, arises due to improper authentication handling that lets users log in without being prompted for the second authentication factor if the

CISA Flags Actively Exploited Digiever NVR Vulnerability Enabling RCE

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security vulnerability affecting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active attacks. The flaw, identified as CVE-2023-52163 with a CVSS score of 8.8, allows post-authentication remote code execution through a command injection vulnerability.

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard has issued an urgent security advisory after confirming active exploitation of a critical vulnerability in its Fireware OS. The flaw affects VPN functionality and has already been observed being abused in real-world attacks, prompting immediate patching recommendations for all affected customers. The vulnerability, tracked as CVE-2025-14733, carries a CVSS score of 9.3 and is

Cisco Warns of Active Attacks Exploiting Unpatched Zero Day in AsyncOS Email Security Appliances

Cisco has issued an urgent warning about an actively exploited zero-day vulnerability affecting Cisco AsyncOS software. The flaw is being leveraged by a China-aligned advanced persistent threat actor tracked as UAT 9686 in attacks against Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances. Cisco said it became aware of the
