Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

6 headlines in this view

Showing 6 most recent headlines Filtered view

The Hacker News 9 months, 3 weeks ago

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild

More from The Hacker News 13 Aug 2025, 11:37 p.m. CVE-2025-25256 CVE Critical Exploit Flaw Fortinet Unauthenticated Vulnerability Warning

The Hacker News 10 months, 3 weeks ago

Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)

Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances

More from The Hacker News 12 Jul 2025, 2:38 a.m. Actively exploited CVE-2025-25257 CVE Critical Database Flaw Fortinet Patch SQL Unauthenticated Vulnerability

The Hacker News 1 year ago

Fortinet Patches CVE-2025-32756 Zero-Day RCE Flaw Exploited in FortiVoice Systems

Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems

More from The Hacker News 14 May 2025, 4:21 p.m. Actively exploited CVE-2025-32756 0-Day CVE Critical Flaw Fortinet Patch Remote Code Execution Unauthenticated Vulnerability

Dark Reading 1 year, 5 months ago

Fortinet Addresses Unpatched Critical RCE Vector

Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.

More from Dark Reading 20 Dec 2024, 11:29 a.m. CVE-2023-34990 CVE-2023-48782 CVE Critical Fortinet Patch Remote Code Execution Unauthenticated Wireless

Dark Reading 2 years ago

Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access

Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.

More from Dark Reading 30 May 2024, 6:04 a.m. CVE-2024-23108 CVE Critical Exploit Fortinet Patch Remote Code Execution Root SIEM Unauthenticated

Bleeping Computer 3 years, 3 months ago

Hackers now exploit critical Fortinet bug to backdoor servers

Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution. [...]

More from Bleeping Computer 23 Feb 2023, 8:06 a.m. CVE-2022-39952 Backdoor CVE Critical Exploit Exposure Fortinet Threat Actor Unauthenticated Vulnerability