Two newly disclosed flaws in TP-Link’s Omada and Festa VPN routers have exposed deep-seated weaknesses in the company’s firmware security.
The vulnerabilities, tracked as CVE-2025-7850 and CVE-2025-7851, were identified by researchers from Forescout’s Vedere Labs. These vulnerabilities were described as part of a recurring pattern of incomplete patching and residual debug code.
Read more…
Source: TechPro News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cisco warns of two more SD-WAN bugs under active attack
March 6, 2026
Just when network admins thought the Cisco SD-WAN patch queue might finally be shrinking, Switchzilla has confirmed miscreants are exploiting more vulnerabilities in its SD-WAN management software. The newly abused flaws affect Cisco Catalyst SD-WAN Manager, the platform formerly known as vManage that sits at the center of many organizations’ SD-WAN deployments. One of the bugs, ...
- New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises
February 26, 2026
It’s hard to overstate the role that Wi-Fi plays in virtually every facet of life. The organization that shepherds the wireless protocol says that more than 48 billion Wi-Fi-enabled devices have shipped since it debuted in the late 1990s. New research shows that behaviors that occur at the very lowest levels of the network stack make ...
- CISA and Partners Release Guidance for Ongoing Global Exploitation of Cisco SD-WAN Systems
February 25, 2026
CISA and partners have observed malicious cyber actors targeting and compromising Cisco SD-WAN systems of organizations, globally. These actors have been observed exploiting a previously undisclosed authentication bypass vulnerability, CVE-2026-20127, for initial access before escalating privileges using CVE-2022-20775 and establishing long-term persistence in Cisco SD-WAN systems. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Sign up for the ...
- Adelaide University new system designed to protect drones from cyber threats
February 25, 2026
Adelaide University researchers have initiated the development of a world-first cybersecurity system designed to protect drones from increasingly sophisticated cyber threats. A new study led by the Industrial AI Research Centre and published in the international journal Computers and Industrial Engineering, paves the way for safer and more resilient unmanned aerial systems (UAS) that are less ...
- AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign
February 23, 2026
Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less on clever zero-days and more on the equivalent of trying every digital door handle – just ...
- Reducing the Attack Surface for End-of-Support Edge Devices
February 5, 2026
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.K.’s National Cyber Security Centre (NCSC) are releasing this fact sheet to urge defensive action against malicious cyber activity by nation-state threat actors. Nation-state threat actors exploit end-of-support (EOS) edge devices—including, but not limited to, load balancers, firewalls, routers, and virtual ...