dark
Hand-Picked Top-Read Stories
Trending Tags
1 minute read

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

info@thehackernews.com (The Hacker News)
January 14, 2026
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. “An improper neutralization of special elements used in an OS command (‘OS command
Total
0
Shares
0
0
0
[[{“value”:”Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances.
The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system.
“An improper neutralization of special elements used in an OS command (‘OS command”}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

January 14, 2026
Next Post

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

January 14, 2026
Related Posts
3 min

From HealthKick to GOVERSHELL: The Evolution of UTA0388’s Espionage Malware

A China-aligned threat actor codenamed UTA0388 has been attributed to a series of spear-phishing campaigns targeting North America, Asia, and Europe that are designed to deliver a Go-based implant known as GOVERSHELL. "The initially observed campaigns were tailored to the targets, and the messages purported to be sent by senior researchers and analysts from legitimate-sounding, completely
info@thehackernews.com (The Hacker News)
October 9, 2025
Read More
2 min

Salesforce Flags Unauthorized Data Access via Gainsight-Linked OAuth Activity

Salesforce has warned of detected "unusual activity" related to Gainsight-published applications connected to the platform. "Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app's connection," the company said in an advisory. The cloud services firm said it has taken the step of revoking all active access and refresh
info@thehackernews.com (The Hacker News)
November 21, 2025
Read More
7 min

How to Integrate AI into Modern SOC Workflows

Artificial intelligence (AI) is making its way into security operations quickly, but many practitioners are still struggling to turn early experimentation into consistent operational value. This is because SOCs are adopting AI without an intentional approach to operational integration. Some teams treat it as a shortcut for broken processes. Others attempt to apply machine learning to problems
info@thehackernews.com (The Hacker News)
December 30, 2025
Read More