
FortiBleed True Scale: 430,000 Firewalls Targeted, INC and Lynx Linked
SOCRadar confirmed FortiBleed hit 430,000 FortiGate firewalls with sniffers on 19,000 devices, linking the operation to INC Ransom and Lynx

SOCRadar confirmed FortiBleed hit 430,000 FortiGate firewalls with sniffers on 19,000 devices, linking the operation to INC Ransom and Lynx

Synacktiv disclosed an unpatched unauthenticated RCE in Argo CD’s repo-server component that can lead to full Kubernetes cluster takeover with

Citrix patched six NetScaler ADC and Gateway vulnerabilities including a new HTTP/2 Bomb denial-of-service vector and information disclosure flaws similar

watchTowr Labs published a working exploit for CVE-2026-8037, a pre-authentication root RCE in Progress Kemp LoadMaster, weeks after patches were

CISA disclosed three Daktronics LED controller vulnerabilities that give remote attackers root access to highway signs, billboards, and roadside message

Mozilla’s 0DIN researchers show a clean GitHub repo can trick AI coding tools into running malware via DNS TXT records,

CSIS used a court-authorized warrant to remove foreign botnet malware from Canadian servers and IoT devices in a first use

Symantec found that DragonForce ransomware deployed Backdoor.Turn, a Go implant that hides C2 traffic inside Microsoft Teams TURN relay infrastructure.

Cisco released patches for CVE-2026-20262, an unauthenticated server-side request forgery flaw in SD-WAN Manager now actively exploited, as CISA issued

Fortinet patched CVE-2026-25089, a CVSS 9.1 OS command injection in FortiSandbox’s Web UI exploitable by unauthenticated attackers via crafted HTTP
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.