Cisco warns of max severity flaw in Firewall Management Center
Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software. [...]
Security warnings identify potential threats, unsafe configurations, or urgent weaknesses so organizations can assess risk and take protective action.
Search across headline titles and summaries.
Background for this topic.
Warning is a notification that a security-relevant condition may require attention, such as a newly disclosed vulnerability, suspicious authentication activity, malicious campaign, unsafe configuration, or deceptive message. In security news, the term commonly covers public advisories and threat-intelligence notices as well as operational alerts generated by defensive systems; it does not by itself prove that an attack or compromise has occurred.
Practitioners should assess the warning’s source, affected products or environments, evidence, severity, exploitability, and recommended action. Vulnerability warnings may require identifying exposed assets, applying a fix or mitigation, and checking for exploitation; campaign warnings may provide indicators for detection and investigation. Alerts should be triaged against logs and other evidence, with significant findings routed into incident response. Because attackers can imitate urgent security notices, recipients should verify requests and access instructions through trusted channels, while excessive or poorly tuned alerts can create fatigue and obscure genuinely important signals.
Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software. [...]
Plex has notified some of its users on Thursday to urgently update their media servers due to a recently patched security vulnerability. [...]
System prompt engineering turns benign AI assistants into 'investigator' and 'detective' roles that bypass privacy guardrails A team of boffins is warning that AI chatbots built on large language models (LLM) can be tuned into malicious agents to autonomously harvest users’ personal data, even by attackers with "minimal technical expertise”, thanks to "system prompt" customization tools from OpenAI and others.…
Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems
Federal funding cuts to the Multi-State Information Sharing and Analysis Center (MS-ISAC) are about to leave more than 18,000 state and local organizations without access to basic cybersecurity resources they need to protect US national security, a letter sent to Congressional appropriators warns.
Two critical N-able vulnerabilities enable local code execution and command injection, and require authentication to exploit, suggesting they wouldn't be seen at the beginning of an exploit chain.
Fortinet reveals details of a new critical-rated vulnerability in FortiSIEM circulating in the wild
CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able's N-central remote monitoring and management (RMM) platform. [...]
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,
Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. [...]
Zelle Provider Allowed $1 Billion of Fraudulent Transactions, Prosecutors SayThe state of New York is suing the privately held fintech company behind the Zelle money transfer system in a complaint that alleges years of poor cybersecurity and protections against fraud. The New York complaint targets Early Warning Services, the company behind the money transfer app.
Coinbase's Philip Martin on How Attackers Are Spending Months on Crypto Exploits"The attackers are willing to invest time, effort and expense in attacking cryptocurrency companies because that's where the money is," says Philip Martin, chief security officer at Coinbase, warning that defenders must stay agile to counter increasingly targeted and sophisticated threats.
Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild
Foundation warns federated servers face biggest risk, but single-instance users can take their time The maintainers of the federated secure chat protocol Matrix are warning users of a pair of "high severity protocol vulnerabilities," addressed in the latest version, saying patching them requires a breaking change in servers and clients.…
Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices
The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the country. [...]