Vulnerabilities & Patches
Three CVSS 10.0 Vulnerabilities in Ubiquiti UniFi OS — Zero Auth, Full Network Control
Three CVSS 10.0 vulnerabilities in Ubiquiti UniFi OS. One exploit chain. Full network control. Zero authentication required. If you use UniFi in your office — and most DACH SMBs do — this is your highest-priority patch this week. CISA added three Ubiquiti vulnerabilities to its Known Exploited Vulnerabilities catalog on June 23, confirming active exploitation…
Read MoreAttackers just got admin access to the system that was supposed to catch them.
Attackers just got admin access to the system that was supposed to catch them. Splunk Enterprise has a CVSS 9.8 vulnerability — CVE-2026-20253 — that allows unauthenticated remote attackers to write arbitrary files on the Splunk server without any credentials. File write chains into full remote code execution. CISA confirmed active exploitation yesterday and added…
Read MoreThe tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released.
The tool you bought to catch malware is now being used as a foothold. Attackers started exploiting Fortinet FortiSandbox on June 15 — six weeks after patches were released. Three critical vulnerabilities. All three actively exploited. FortiSandbox is enterprise malware analysis infrastructure. You send suspicious files to it. It detonates them in isolation. It tells…
Read More74,000 Fortinet firewalls. Admin passwords cracked. No CVE.
74,000 Fortinet firewalls. Admin passwords cracked. No CVE. If you run FortiGate infrastructure, the question is not whether to act — it is how fast. Security researcher Bob Diachenko discovered on June 17 an exposed server containing verified admin credentials for 73,932 Fortinet FortiGate devices across 194 countries. The campaign, now called FortiBleed, was confirmed…
Read MoreYour Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now.
Your Windows is fully patched. And there’s a public exploit on GitHub that gives attackers SYSTEM on it right now. On June 10 — hours after Microsoft shipped its June Patch Tuesday update — researcher Nightmare Eclipse published a working exploit called RoguePlanet. It targets a race condition in Microsoft Defender’s quarantine pipeline. Defender runs…
Read More
