
CISA Issues Sunday Patch Deadline for Fortinet FortiSandbox RCE Flaws
CISA added CVE-2026-25089 and CVE-2026-39808 in Fortinet FortiSandbox to KEV, ordering FCEB agencies to patch by July 19 amid confirmed

CISA added CVE-2026-25089 and CVE-2026-39808 in Fortinet FortiSandbox to KEV, ordering FCEB agencies to patch by July 19 amid confirmed

F5 released an out-of-band patch for CVE-2026-42533, a CVSS 9.2 heap buffer overflow in NGINX Plus and Open Source requiring

Palo Alto Networks Unit 42 exposed TuxBot v3, an Iranian-linked IoT botnet targeting 17 CPU architectures with DDoS-for-hire capabilities and

SonicWall warns of active exploitation of CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 in SMA1000 appliances. Federal agencies must patch by July

Four official AsyncAPI npm packages were compromised to deliver Miasma, a botnet loader using six C2 channels including Ethereum smart

Siemens, Rockwell, and Schneider Electric issued ICS Patch Tuesday advisories, including a CVSS 10.0 Opencenter X auth bypass and CompactLogix

Broadcom patched seven VMware Avi vulnerabilities, including a critical authentication bypass in the control plane. No active exploitation has been

Cybersecurity agencies from nine countries issued a joint advisory on FSB Center 16 router attacks targeting energy, healthcare, and defense

Datadog Security Labs found threat actors using aged GitHub accounts to map corporate organization members and repositories before launching targeted

Researchers exposed a network of 200 GitHub repositories serving as C2 dead drops for Windows malware, delivered via a malicious
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.