ZDNet

Fortinet warns that critical authentication bypass flaw has been exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day ...

Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized ...
Bleeping Computer

Cisco warns of auth bypass bug with public exploit in EoL routers

Cisco warned customers today of a critical authentication bypass vulnerability with public exploit code affecting multiple end-of-life (EoL) VPN routers. It is caused by improper validation of user ...
Bleeping Computer

Fortinet warns admins to patch critical auth bypass bug immediately

Fortinet has warned administrators to update FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management platforms to the latest versions, which address a ...
ZDNet

Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass

Microsoft has warned that the hacking group behind the 2020 SolarWinds supply chain attack have a new technique for bypassing authentication in corporate networks. The trick, a highly specialized ...
PC World

BitLocker encryption can be defeated with trivial Windows authentication bypass

Companies relying on Microsoft BitLocker to encrypt the drives of their employees’ computers should install the latest Windows patches immediately. A researcher disclosed a trivial Windows ...