Fortinet Releases Security Updates for Multiple Products

Fortinet has released security updates for various products, including OS and FortiProxy, to fix vulnerabilities that could allow a cyber threat actor to take control of a system.

CISA encourages users and administrators to take the following steps for enhanced security:

• Alert

CISA: Splunk flaw under active exploit, patch by Sunday

By infosecbulletin / Saturday , June 20 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has asked federal agencies to protect their systems by Sunday from a...

Read More

• Cyber Attack
• Data Breach

Texas data breach exposes 3 million driver’s licenses

By infosecbulletin / Saturday , June 20 2026

The Texas Parks and Wildlife Department (TPWD) revealed a data leak at its license system provider. This leak exposed private...

Read More

• Alert

Critical Cisco ISE Vulnerability Enables Remote Code Execution

By infosecbulletin / Friday , June 19 2026

Cisco has revealed critical security flaws in its Identity Services Engine (ISE). These flaws could let attackers run harmful code...

Read More

• Alert
• Vulnerabilities

F5 Patches NGINX Flaw for Code Execution and DoS Attacks

By infosecbulletin / Thursday , June 18 2026

F5 has shared a security warning about serious flaws in NGINX. These issues could let attackers run any code and...

Read More

• Cyber Attack
• Data Breach
• Hot Topic

FortiBleed: 70,000 Fortinet Firewalls Compromised Globally

By infosecbulletin / Wednesday , June 17 2026

A vast cyber spying operation called “FortiBleed” has quietly compromised more than 73,932 different Fortinet firewall URLs in 194 countries....

Read More

• Alert
• International

New Rokarolla Android malware hits 217 banking and crypto apps

By infosecbulletin / Wednesday , June 17 2026

A new Android banking trojan called Rokarolla is hitting 217 banking and cryptocurrency apps with a wide range of 137...

Read More

• Cyber Attack

Phishing Campaign Exploits Legitimate Microsoft Login Flow

By infosecbulletin / Tuesday , June 16 2026

Attackers are using Microsoft’s OAuth 2.0 Device Authorization Grant (device code) flow in a campaign to take control of Microsoft...

Read More

• Alert
• Vulnerabilities

ALERT
Cisco SD-WAN Zero-Day, FortiSandbox and cPanel flaws exploited in attacks

By infosecbulletin / Tuesday , June 16 2026

Cisco on Monday told customers about a new SD-WAN product flaw used in attacks. The flaw, called CVE-2026-20262, is a...

Read More

• Uncategorized

“Panthalassa” builds floating AI data centers powered by ocean waves

By infosecbulletin / Tuesday , June 16 2026

Every American data center story these days follows almost the same pattern. Someone has the chips, someone has the cash,...

Read More

• Alert
• Vulnerabilities

Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion

By infosecbulletin / Monday , June 15 2026

A critical security flaw has affected the open-source security community. Recently, complete details and working exploit code were shared online....

Read More

FR-IR-23-345 FortiClientMac – Lack of configuration file validation:

An external control of file name or path vulnerability [CWE-73] in FortiClientMac’s installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.

FG-IR-23-493 FortiOS & FortiProxy – Administrator cookie leakage

FG-IR-23-087 FortiClient Linux – Remote Code Execution due to dangerous nodejs configuration:

An Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94] in FortiClientLinux may allow
an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.