CVE-2025-61624

creationtimestamp| type| source ---|---|--- 2026-04-14 04:00:00+00:00| exploited| https://fortiguard.fortinet.com/psirt/FG-IR-26-122...

North Korean Hackers Abuse GitHub to Spy on South Korean Firms

Researchers from FortiGuard Labs have uncovered a high-severity spying campaign targeting South Korean companies. Discover how North Korean…...

EUVD-2014-2009

Malware in sbrugna...

EUVD-2018-20792

Malware in sbrugna...

EUVD-2014-2008

Malware in sbrugna...

SEO Poisoning Attack Hits Windows Users With Hiddengh0st and Winos Malware

New SEO poisoning campaign exposed! FortiGuard Labs reveals how attackers trick users with fake websites to deliver Hiddengh0st…...

CVE-2023-22642

An improper certificate validation vulnerability CWE-295 in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the device and the...

CVE-2018-9195

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient sent and...

CVE-2025-22252

creationtimestamp| type| source ---|---|--- 2025-05-13 21:09:34+00:00| seen| https://www.fortiguard.com/psirt/FG-IR-24-472 2025-05-14 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1549 2025-05-14 06:13:02+00:00| seen|...

New Malware Campaign Exploits Microsoft Graph API to Infect Windows

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack's evasion techniques and security measures...

FortiGuard Labs Links New EC2 Grouper Hackers to AWS Credential Exploits

Researchers at FortiGuard Labs have identified a prolific attacker group known as "EC2 Grouper" who frequently exploits compromised credentials using AWS tools...

FortiManager fgfmd remote command execution

Added: 11/15/2024 Background FortiManager is an integrated platform for the centralized management of products in a Fortinet security infrastructure. Problem Missing authentication in the fgfmd service could allow a remote attacker to execute arbitrary commands. Resolution Upgrade to FortiManager...

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance CSA as zero-days to perform a series of malicious actions. That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain...

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug...

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S...

New Fickle Stealer Exploits Software Flaws to Steal Crypto, Browser Data

Fortinet's FortiGuard Labs exposes the Fickle Stealer, a malware using multiple attack methods to steal logins, financial details, and more. Learn how to protect yourself from this evolving threat...

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader...

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

Financial organizations in the Asia-Pacific APAC and Middle East and North Africa MENA are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published...

Fortinet FortiProxy Out-of-bound Write in sslvpnd (FG-IR-24-015)

The version of FortiProxy installed on the remote host affected by an out-of-bounds write vulnerability in sslvpnd that can allow an attacker to execute unauthorized code or commands via specifically crafted requests. Note that Nessus has not tested for this issue but has instead relied only on t...

Crypto Stealing PyPI Malware Hits Both Windows and Linux Users

By Deeba Ahmed FortiGuard Labs latest research report reveals a concerning trend: threat actors are leveraging the Python Package Index PyPI,… This is a post from HackRead.com Read the original post: Crypto Stealing PyPI Malware Hits Both Windows and Linux Users...