News • Insights • Analysis
Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to two cybersecurity firms. The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, appears to not involve Read More …
Palo Alto customers are being been told to patch yet another internet-facing security flaw after researchers caught attackers bypassing GlobalProtect authentication and gaining unauthorized VPN access. The flaw, tracked as CVE-2026-0257, affects PAN-OS deployments using GlobalProtect authentication override cookies under specific Read More …
On May 6, 2026, Palo Alto Networks published a security advisory for CVE-2026-0300, a critical unauthenticated buffer overflow vulnerability affecting PAN-OS PA-Series and VM-Series firewall appliances. Prisma Access, Cloud NGFW, and Panorama appliances are not affected by this vulnerability. The Read More …
Cybersecurity giant Trellix has confirmed suffering a cyberattack in which threat actors accessed parts of its source code. In a brief announcement published on its website, Trellix said it had identified “unauthorized access to a portion of [its] source code Read More …
Cybersecurity professionals were the most overlooked workers in IT when it came to pay rises in 2025, according to new figures from recruiter Harvey Nash. The trend was especially stark in the UK, where 77 percent of all security staff Read More …
Watch out for more Fortinet vulns! Two critical bugs in Fortinet’s sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems. Luckily, the security vendor has issued fixes – so patch now – and so Read More …
Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31. The flaw, tracked as CVE-2026-35616, is an improper access control vulnerability that allows Read More …
A fake website impersonating Avast antivirus is tricking people into infecting their own computers. The site looks legitimate, runs what appears to be a virus scan, and claims your system is full of threats. But the results are fake: when Read More …
At the start of the year, cybercriminals were exploiting three vulnerabilities in FortiGate Next-Generation Firewalls (NGFW) to establish persistence and move laterally throughout the network. All recorded attacks were stopped before they could do any meaningful harm, and FortiGate has Read More …
Researchers from Georgia Tech have found that the supply chain for threat intelligence data is susceptible to adversarial action, and proposed a method to improve data sharing that they think will make it stronger. Brenden Kuerbis, a research scientist at Read More …
