The tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released.

By Editorial Team | June 19, 2026

The tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released. Three critical vulnerabilities. All three actively exploited. FortiSandbox is enterprise malware analysis infrastructure. You send suspicious files to it. It detonates them in isolation. It tells…

Read More

Your AI agent framework was backdoored overnight. 144 packages. 1.1 million weekly downloads. The attack started with a dormant account.

By Editorial Team | June 18, 2026

Your AI agent framework was backdoored overnight. 144 packages. 1.1 million weekly downloads. The attack started with a dormant account. Here is what happened — and what it means for your development team. Mastra is the dominant JavaScript/TypeScript framework for building AI agents. On June 16, an attacker hijacked “ehindero” — a real former Mastra…

Read More

74,000 Fortinet firewalls. Admin passwords cracked. No CVE.

By Editorial Team | June 18, 2026

74,000 Fortinet firewalls. Admin passwords cracked. No CVE. If you run FortiGate infrastructure, the question is not whether to act — it is how fast. Security researcher Bob Diachenko discovered on June 17 an exposed server containing verified admin credentials for 73,932 Fortinet FortiGate devices across 194 countries. The campaign, now called FortiBleed, was confirmed…

Read More