Explore

Trendline Trendline
Apache ActiveMQ Classic Vulnerability Exposed After 13 Years, Posing Security Risks

Apache ActiveMQ Classic Vulnerability Exposed After 13 Years, Posing Security Risks

Apache ActiveMQ Classic Vulnerability Exposed After 13 Years, Posing Security Risks
Rapid Read Rapid Read
Apache ActiveMQ Classic Vulnerability Exposed for 13 Years, Poses Security Risks

Apache ActiveMQ Classic Vulnerability Exposed for 13 Years, Poses Security Risks

A remote code execution (RCE) vulnerability has been discovered in Apache ActiveMQ Classic, a widely used open-source messaging and integration patterns server, which has been present for 13 years. The vulnerability, tracked as CVE-2026-34197, allows attackers to invoke management operations through the Jolokia API, potentially retrieving remote configuration files and executing OS commands. This security defect can be exploited by chaining it with an older flaw, CVE-2022-41678, which allows attackers to write webshells to disk. The issue has been addressed in ActiveMQ Classic versions 5.19.4 and 6.2.3, and users are advised to update their deployments promptly.
Trendline Trendline
Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability

Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability

Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability
Trendline Trendline
Webinar Highlights Limitations of Automated Penetration Testing Tools

Webinar Highlights Limitations of Automated Penetration Testing Tools

Webinar Highlights Limitations of Automated Penetration Testing Tools
Rapid Read Rapid Read
US Authorities Disrupt Russian Espionage Operation Using Hacked Routers

US Authorities Disrupt Russian Espionage Operation Using Hacked Routers

The US Justice Department and the FBI have announced the disruption of a Russian espionage operation involving hacked SOHO routers. The operation was linked to the threat actor known as APT28, Forest Blizzard, and Fancy Bear, believed to be backed by Russia's GRU. The hackers targeted vulnerable TP-Link and MikroTik routers, altering their DHCP and DNS settings to redirect traffic through their infrastructure. This adversary-in-the-middle attack allowed the capture of encrypted traffic, including passwords and emails. The attack exploited a known vulnerability, CVE-2023-50224, to control TP-Link routers. Microsoft identified over 200 organizations and 5,000 consumer devices affected by the attack, which began in August 2025.
Rapid Read Rapid Read
Fortinet Releases Emergency Fixes for Critical Zero-Day Vulnerability

Fortinet Releases Emergency Fixes for Critical Zero-Day Vulnerability

Fortinet has issued emergency fixes for a critical zero-day vulnerability in its FortiClient Enterprise Management Server (EMS), identified as CVE-2026-35616. This flaw, characterized by improper access control, allows remote code execution without authentication. Fortinet's advisory warns of active exploitation in the wild, prompting the release of hotfixes for affected versions 7.4.5 and 7.4.6, while version 7.2 remains unaffected. The vulnerability was reported by cybersecurity firm Defused, which observed exploitation and disclosed the issue under responsible protocols. The Shadowserver Foundation has identified approximately 2,000 internet-accessible FortiClient EMS instances potentially vulnerable to attacks.
Trendline Trendline
Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability Exploited in the Wild

Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability Exploited in the Wild

Fortinet Issues Emergency Patch for Critical FortiClient EMS Vulnerability Exploited in the Wild
Trendline Trendline
Fortinet Issues Urgent Update for Zero-Day Vulnerability Amid Active Exploits

Fortinet Issues Urgent Update for Zero-Day Vulnerability Amid Active Exploits

Fortinet Issues Urgent Update for Zero-Day Vulnerability Amid Active Exploits
Trendline Trendline
Fortinet Issues Urgent Security Update for Zero-Day Vulnerability in FortiClientEMS

Fortinet Issues Urgent Security Update for Zero-Day Vulnerability in FortiClientEMS

Fortinet Issues Urgent Security Update for Zero-Day Vulnerability in FortiClientEMS
Rapid Read Rapid Read
Fortinet Issues Emergency Patch for Zero-Day Vulnerability Affecting FortiClient EMS

Fortinet Issues Emergency Patch for Zero-Day Vulnerability Affecting FortiClient EMS

Fortinet has released emergency patches to address a critical vulnerability in its FortiClient Enterprise Management Server (EMS) that has been actively exploited as a zero-day. The flaw, identified as CVE-2026-35616, is an improper access control issue that could allow remote code execution without authentication. Fortinet has observed active exploitation of this vulnerability and has provided hotfixes for FortiClient EMS versions 7.4.5 and 7.4.6, with a full fix expected in version 7.4.7. The vulnerability was reported by the cybersecurity firm Defused, which noted that attackers could bypass API authentication and authorization. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, urging federal agencies to apply the patch by April 9.
Rapid Read Rapid Read
FBI Issues Warning on Foreign Mobile Apps, Highlighting Security Risks

FBI Issues Warning on Foreign Mobile Apps, Highlighting Security Risks

The Federal Bureau of Investigation (FBI) has released a public service announcement warning Americans about the potential dangers of using foreign-based mobile apps, particularly those developed in China. The announcement highlights concerns over data privacy and security, noting that many popular apps in the U.S. are subject to China's National Intelligence Law, which requires companies to provide data to the government. The FBI's warning is part of broader national security concerns that have previously led to actions such as the forced sale of TikTok's U.S. operations. The PSA advises users to be cautious about the permissions they grant to apps, as these can lead to data being stored on servers potentially accessible by foreign governments.
Rapid Read Rapid Read
North Korean Hackers Target Node.js Maintainers in Sophisticated Social Engineering Campaign

North Korean Hackers Target Node.js Maintainers in Sophisticated Social Engineering Campaign

A North Korean hacking group, identified as UNC1069, has been targeting high-profile maintainers of Node.js through a sophisticated social engineering campaign. The attack, which follows a similar pattern to the recent Axios supply chain attack, involves tricking maintainers into installing malware on their systems. The hackers initially engage their targets by inviting them to a Slack workspace and scheduling meetings on Microsoft Teams. During these meetings, the maintainers receive error messages and are instructed to install a fake update, which infects their systems with a Remote Access Trojan (RAT). This campaign has targeted several prominent figures in the Node.js community, including Socket CEO Feross Aboukhadijeh and members of the Node Package Maintenance Working Group. The attackers have been meticulous in their approach, building trust over weeks and using professional conduct to disguise their malicious intent.