MUST READ

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

 | 

Fortinet patched a new critical FortiSandbox flaw

 | 

JDY Botnet Evolves After KV Takedown, Targets Military Networks

 | 

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

 | 

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

 | 

Chaotic Eclipse Unveils RoguePlanet Exploit Targeting Fully Patched Windows

 | 

“AI Worms”, researchers demonstrate autonomous malware capable of adapting to any online device

 | 

France's Government Messaging App Tchap Got Breached

 | 

Microsoft Releases Record-Breaking Patch Tuesday With 208 CVEs

 | 

Critical Veeam RCE Flaw Lets Low-Privilege Users Take Over Backup Servers

 | 

Miasma Worm Compromises 73 Microsoft GitHub Repositories

 | 

Google fixes the fifth actively exploited Chrome zero-day of 2026

 | 

U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog

 | 

CVE-2026-23111: Linux nf_tables Flaw Enables Root Exploits

 | 

Meta Accuses NSO of Violating WhatsApp Court Injunction

 | 

Everest Forms Pro WordPress Flaw is Handing Attackers Admin Access

 | 

UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms

 | 

Meta AI Recovery Tool Flaw Exposed 20,000+ Instagram Accounts

 | 

IoT Botnet C0XMO Adds Competitor-Killing Capability

 | 

DentaQuest Breach: ShinyHunters Publish Data Impacting 2.6M People

 | 

CVE-2026-25089

Pierluigi Paganini June 11, 2026
Fortinet patched a new critical FortiSandbox flaw

Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe issue, tracked as CVE-2026-25089 (CVSS score of 9.8), is an OS command injection flaw in FortiSandbox products. The vulnerability could […]

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Chaotic Eclipse Strikes Again: New Zero-Day Unlocks BitLocker in Four Hours of Research

Security / June 11, 2026

Fortinet patched a new critical FortiSandbox flaw

Security / June 11, 2026

JDY Botnet Evolves After KV Takedown, Targets Military Networks

Malware / June 11, 2026

Russian APTs Still Exploiting Patched WinRAR Flaw CVE-2025-8088

APT / June 10, 2026

U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog

Security / June 10, 2026