Fortinet has released security updates for various products, including OS and FortiProxy, to fix vulnerabilities that could allow a cyber threat actor to take control of a system.
CISA encourages users and administrators to take the following steps for enhanced security:
An unknown threat cluster has targeted European healthcare organizations, deploying PlugX and ShadowPad. In some cases, these intrusions resulted in...
Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected...
An external control of file name or path vulnerability [CWE-73] in FortiClientMac’s installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.
An Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94] in FortiClientLinux may allow
an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.