Symlink backdoor on Fortinet SSL-VPN devices
ShadowServer has discovered more than 17,000 Fortinet SSL VPNs compromised by what’s known as the symlink backdoor. We obtained the […]
Symlink backdoor on Fortinet SSL-VPN devices Read More »
CVE
CVE-2025-24799 & CVE-2025-24801
The vulnerabilities identified as CVE-2025-24799 and CVE-2025-24801 affect GLPI, an open-source IT asset management tool. These vulnerabilities allow an unauthenticated
CVE-2025-24799 & CVE-2025-24801 Read More »
LeMagIT – GLPI: 680 instances in France affected by two serious vulnerabilities
[..] The ONYPHE attack surface management platform has just added support for detecting GLPI vulnerabilities CVE-2025-24799 and CVE-2025-24801. Building on
LeMagIT – GLPI: 680 instances in France affected by two serious vulnerabilities Read More »
Situation report
March 2025 – Network Vulnerabilities Situation Report
Over the past three years, the number of critical vulnerabilities affecting network equipment has increased significantly. Firewalls, routers, and other
March 2025 – Network Vulnerabilities Situation Report Read More »
CVE
CVE-2024-55591
CVE-2024-55591 is a critical privilege escalation vulnerability affecting FortiOS versions 7.0.0 through 7.0.16 and FortiProxy versions 7.0.0 through 7.0.19 and
Communication
Retrospective 2024 and Roadmap 2025
Written on 2025/01/31 First of all, we wish you and your loved ones a wonderful year in 2025. May it
Retrospective 2024 and Roadmap 2025 Read More »
Communication
Detecting cups vulnerabilities while staying ethical
As you have probably seen by now @evilsocket published an amazing blog on vulnerabilities in CUPS. If you’ve been staying
Detecting cups vulnerabilities while staying ethical Read More »
CVE
CVE-2024-3400
The CVE-2024-3400 vulnerability is a critical flaw discovered in the GlobalProtect functionality of Palo Alto Networks’ PAN-OS operating system. It
BleepingComputer – Hackers update Cisco IOS XE backdoor to hide infected devices
[..] ONYPHE Founder & CTO Patrice Auffret told BleepingComputer that he believes the threat actors behind the attacks are deploying
BleepingComputer – Hackers update Cisco IOS XE backdoor to hide infected devices Read More »
CVE
CVE-2023-20198
CVE-2023-20198 is a critical vulnerability in the web user interface (UI) of Cisco’s IOS XE Software, assigned a CVSS score
HELP NET SECURITY – What makes a good ASM solution stand out
[..] First, let’s define ASM. The term was coined by Gartner somewhere in 2020. It is a new tool in
HELP NET SECURITY – What makes a good ASM solution stand out Read More »
Reuters – Florida state court system, US, EU universities hit by ransomware outbreak
[..] One cybersecurity expert said the outbreak – thought to have exploited a two-year-old vulnerability in VMWare Inc. – was
Reuters – Florida state court system, US, EU universities hit by ransomware outbreak Read More »