Fortinet CVE-2025-64446 Under Active Attack
That vulnerability (CVE-2025-64446) affects several versions of FortiWeb and CISA has added it to its Known Exploited Vulnerabilities catalog.
All topics
Vulnerabilities
9 Posts
Lighthouse Phishing Kit Takedown, Zero Day Mysteries, and Measuring Cyber Attack Costs
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]
APT Targets Cisco and Citrix Zero Days
The chain of discovery began with Amazon's security honeypot service, MadPot, which detected exploitation attempts for the Citrix Bleed Two vulnerability (CVE-2025-5777) before its public disclosure
Microsoft Warns of Exploited Windows Kernel Zero-Day
The important-severity flaw (CVE-2025-62215) has been exploited, said Microsoft.
Microsoft Fixes Actively Exploited Flaws in Patch Tuesday Release
Microsoft issued fixes for several actively exploited vulnerabilities in its latest patch Tuesday release.
Oracle Warns of E-Business Suite Bug
A Saturday advisory from Oracle's CISO warned of a vulnerability impacting some deployments of E-Business Suite (CVE-2025-61884).