Yasna | Cybersecurity news, filtered

Security Affairs 6 days, 10 hours ago

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability

Dark Reading 1 month, 4 weeks ago

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

More from Dark Reading 7 Apr 2026, 8:24 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication Bypass CVE Flaw Fortinet Patch Vulnerability

The Hacker News 1 month, 4 weeks ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild

More from The Hacker News 5 Apr 2026, 4:32 p.m. Incident · 10 stories Actively exploited CVE-2026-35616 API Authentication Bypass CVE Critical Flaw Fortinet Patch Privilege Escalation Vulnerability

The Hacker News 4 months ago

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild

More from The Hacker News 28 Jan 2026, 5:49 p.m. Actively exploited CVE-2026-24858 Authentication Bypass CVE Critical Flaw Fortinet Patch SSO Vulnerability

Bleeping Computer 4 months, 1 week ago

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. [...]

More from Bleeping Computer 28 Jan 2026, 12:19 p.m. Actively exploited CVE-2026-24858 0-Day Authentication Blocked Bypass CVE Critical Firmware Fortinet Patch SSO Vulnerability

Bleeping Computer 4 months, 1 week ago

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. [...]

More from Bleeping Computer 22 Jan 2026, 6:49 a.m. Actively exploited CVE-2025-59718 Authentication Bypass CVE Critical Firewalls Fixed Fortinet Hacking Patch Report Vulnerability

The Register 1 year, 3 months ago

SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN

Roses are red, violets are blue, CVE-2024-53704 is perfect for a ransomware crew Miscreants are actively abusing a high-severity authentication bypass bug in unpatched internet-facing SonicWall firewalls following the public release of proof-of-concept exploit code.…

More from The Register 15 Feb 2025, 11:53 a.m. Actively exploited CVE-2024-53704 Authentication Bypass CVE Exploit Firewalls Patch PoC Ransomware VPN

Bleeping Computer 1 year, 3 months ago

SonicWall firewall exploit lets hackers hijack VPN sessions, patch now

Security researchers at Bishop Fox have published complete exploitation details for the CVE-2024-53704 vulnerability that allows bypassing the authentication mechanism in certain versions of the SonicOS SSLVPN application. [...]

More from Bleeping Computer 12 Feb 2025, 4:56 a.m. Actively exploited CVE-2024-53704 Authentication CVE Critical Exploit Firewalls Patch Research VPN Vulnerability

The Hacker News 1 year, 4 months ago

SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation

SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day

More from The Hacker News 23 Jan 2025, 11:24 p.m. Actively exploited CVE-2025-23006 0-Day Authentication CVE Critical Flaw Mobile Patch Vulnerability

Latest cybersecurity reporting from selected sources.

Refine the feed

Volume over time

Fresh headlines available