Gary Langston

Type: OS Command Injection vulnerability (CWE-78) Affected Product: Fortinet FortiWeb (Web Application Firewall) Affected Versions: 8.0.0 – 8.0.1 7.6.0 – 7.6.5 7.4.0 – 7.4.10 7.2.0 – 7.2.11 7.0.0 – 7.0.11 [nvd.nist.gov] , [cvedetails.com] Description The vulnerability is caused by improper neutralization of special elements used in OS commands . An authenticated attacker can exploit this flaw by sending crafted HTTP requests or CLI commands , allowing them to execute arbitrary code on the underlying system. This can compromise the integrity, confidentiality, and availability of the device. [nvd.nist.gov] , [cvedetails.com] Severity CVSS v3.1 Base Score: 7.2 (High) Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Impact: High on Confidentiality, Integrity, and Availability [cvedetails.com] Exploitation Status Actively Exploited: Yes. Fortinet confirmed expl...

  Chrome Type Confusion Zero-Day vulnerability What Happened Google released an emergency security update for Chrome to patch a zero-day vulnerability actively exploited in the wild . The flaw is tracked as CVE-2025-13223 , rated High severity (CVSS 8.8) , and affects the V8 JavaScript and WebAssembly engine used by Chrome and other Chromium-based browsers (Edge, Brave, Opera, Vivaldi). [thehackernews.com] , [bleepingcomputer.com] , [gbhackers.com] Nature of the Vulnerability Type Confusion occurs when the browser misinterprets an object’s type, leading to memory corruption . Attackers can exploit this via a crafted HTML page , potentially achieving: Heap corruption Arbitrary code execution Full system compromise if chained with other exploits. [computerworld.com] , [theregister.com] Active Exploitation Google confirmed that an exploit for CVE-2025-13223 exists in the wild . Evidence suggests commercial spyware vendors or nation-state actors may be behin...

  What Happened Cloudflare, a major internet infrastructure provider, experienced a global outage early Tuesday morning. The issue began around 6:00 AM ET and caused widespread HTTP 500 errors , impacting Cloudflare’s Dashboard, API , and services that rely on its network. Popular platforms like X (Twitter), ChatGPT, Spotify, Uber, Canva, League of Legends , and even Downdetector (which tracks outages) were affected. Some government and transit services also reported disruptions. [engadget.com] , [pcmag.com] , [securityweek.com] Cloudflare confirmed the outage was not a cyberattack . The root cause was a latent bug in its bot mitigation service , triggered by a routine configuration change . This bug cascaded into a broad network degradation, affecting multiple services globally. [pcmag.com] , [securityweek.com] , [techcrunch.com] Initially, Cloudflare also observed an unusual traffic spike , which contributed to the errors, but the main culprit was the bug. [cnbc.com] , ...

  Why Tiering Mission Data Matters 1. Cloud is resilient — but not invincible. Even with Azure’s robust DDoS mitigation, a 15+ Tbps attack shows that single-point cloud dependencies can be risky. Tiering lets you isolate critical workloads from public exposure. 2. Hybrid and on-prem tiers offer latency and control. For banking, fraud prevention, and compliance workloads, on-prem or hybrid tiers can: Reduce exposure to internet-based threats Improve response times for internal systems Ensure data sovereignty and auditability 3. Tiering enables graceful degradation. If public cloud services are throttled or disrupted, local tiers can maintain core operations — especially for authentication, transaction processing, or alerting systems. 4. Strategic segmentation supports incident response. By separating tiers (e.g., public-facing apps vs. internal fraud engines), you can: Limit blast radius Prioritize recovery Maintain foren...

  A critical Fortinet FortiWeb vulnerability is currently being exploited in the wild using a public proof-of-concept (PoC) . Here are the key details: What is the flaw? It’s an authentication bypass / path traversal vulnerability in FortiWeb WAF. Exploitation allows attackers to create new admin accounts without authentication , giving full control of the device. The vulnerable endpoint is: /api/v2.0/cmdb/system/admin%3F/../../../../../cgi-bin/fwbcgi Attackers send crafted HTTP POST requests to this path with payloads that create admin-level accounts. Example usernames seen: Testpoint , trader1 , trader Example passwords: 3eMIXX43 , AFT3$tH4ck , AFT3$tH4ckmet0d4yaga!n . [bleepingcomputer.com] Affected Versions FortiWeb 8.0.1 and earlier are vulnerable. Fixed in 8.0.2 (released end of October 2025). No official CVE or advisory yet from Fortinet, but multiple security researchers confirmed the exploit works on older versions. [thehackernews.com] Public Explo...

Microsoft’s November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day in the Windows Kernel. It also introduces key updates for Windows 11 and extended support for Windows 10. Security Fixes Overview Total vulnerabilities patched: 63 flaws Zero-day vulnerability: CVE-2025-62215 — Windows Kernel Elevation of Privilege Exploited via a race condition to gain SYSTEM privileges Critical vulnerabilities (4 total): 2 Remote Code Execution (RCE) flaws 1 Elevation of Privilege 1 Information Disclosure Windows 11 Enhancements (KB5068861) Start Menu redesign: Scrollable “All apps” section Grid/category views Phone Link integration Taskbar battery icon: Color-coded status (green/yellow/red) Optional battery percentage display Task Manager fix: Resolves issue where Task Manager stayed running after being closed Gaming device improvements: Fixes battery drain and controller lag on handhelds Storage Spaces fix: Resolves cluster se...

  Cisco UCCX Vulnerability (CVE-2025-20354) Cisco recently patched a critical vulnerability in its Unified Contact Center Express (UCCX) software that could allow unauthenticated remote attackers to execute arbitrary commands with root privileges on affected systems.   How the Exploit Works There are two major flaws involved: 1.            CVE-2025-20354 – Java RMI Remote Code Execution •             Component Affected: Java Remote Method Invocation (RMI) process in Cisco UCCX. •             Root Cause: Improper authentication mechanisms tied to specific UCCX features. •             Exploit Method: An attacker can upload a crafted file via the Java RMI interface. •             Impact: The file ...