All topics
It was a busy week in the cybers! Today we start with the targeted exploitation of another Fortinet vulnerability (CVE-2026-24858) that enables simple authentication bypass (1:15), then we discuss Google’s disruption of a large residential proxy network called IPIDEA that has been abused by hundreds of threat actors (5:40), then we talk about the continued attacks on an older WinRAR […]
The vulnerabilities (CVE-2026-1281 and CVE-2026-1340) could lead to unauthenticated remote code execution if successfully exploited.
Google researchers observed more than 550 individual threat groups using IPIDEA exit nodes during a one-week period earlier this month.
Fortinet is rolling out updates for CVE-2026-24858, with fixes for some versions available as of Tuesday, and others in releases that are upcoming at an unspecified date.
Exploitation of CVE-2025-8088 in the wild began before disclosure, with attacks confirmed as early as July 18, 2025.
The vulnerability (CVE-2026-21509) requires user interaction for an attack to succeed, with the most likely vector being an attacker sending a malicious Office file to a victim, who then opens it.
