Network Security

Cybersecurity
FortiBleed True Scale: 430,000 Firewalls Targeted, INC and Lynx Linked
SOCRadar confirmed FortiBleed hit 430,000 FortiGate firewalls with sniffers on 19,000 devices, linking the operation to INC Ransom and Lynx ransomware groups.
Application Security
Unpatched Argo CD RCE Puts Kubernetes Clusters at Risk
Synacktiv disclosed an unpatched unauthenticated RCE in Argo CD's repo-server component that can lead to full Kubernetes cluster takeover with no fix currently available.
CVE Vulnerability Alerts
Citrix Patches Six NetScaler Flaws Including HTTP/2 Bomb Vector
Citrix patched six NetScaler ADC and Gateway vulnerabilities including a new HTTP/2 Bomb denial-of-service vector and information disclosure flaws similar to the CitrixBleed session token ...
CVE Vulnerability Alerts
Working Exploit Published for LoadMaster CVE-2026-8037 RCE
watchTowr Labs published a working exploit for CVE-2026-8037, a pre-authentication root RCE in Progress Kemp LoadMaster, weeks after patches were released.
Application Security
Three Daktronics Controller Flaws Allow Remote Highway Sign Hijack
CISA disclosed three Daktronics LED controller vulnerabilities that give remote attackers root access to highway signs, billboards, and roadside message boards.
Application Security
Mozilla 0DIN Shows AI Coding Agents Can Be Tricked via DNS TXT
Mozilla's 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records, bypassing security scanners entirely.
Cybersecurity
Canada’s CSIS Uses Court Warrant to Dismantle Foreign Botnet
CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use of its threat reduction powers.
Cybersecurity
DragonForce’s Backdoor.Turn Routes C2 via Microsoft Teams TURN
Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.
CVE Vulnerability Alerts
Cisco CVE-2026-20262 Added to CISA KEV; Eighth Exploited SD-WAN Flaw
Cisco released patches for CVE-2026-20262, an unauthenticated server-side request forgery flaw in SD-WAN Manager now actively exploited, as CISA issued a 13-day federal deadline.
Application Security
Fortinet FortiSandbox CVE-2026-25089 Allows Unauthenticated RCE
Fortinet patched CVE-2026-25089, a CVSS 9.1 OS command injection in FortiSandbox's Web UI exploitable by unauthenticated attackers via crafted HTTP requests.