Cybersecurity

Fortinet Warns of Critical FortiOS SSL VPN Flaw Likely Under Active Exploitation

Feb 09, 2024NewsroomZero Day Vulnerability / Network Security Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. “A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a […]

Cybersecurity

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

Jan 20, 2024NewsroomZero Day / Cyber Espionage An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. “UNC3886 has a track record of utilizing zero-day vulnerabilities […]