dark
Hand-Picked Top-Read Stories
Trending Tags
1 minute read

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

info@thehackernews.com (The Hacker News)
January 14, 2026
Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. “An improper neutralization of special elements used in an OS command (‘OS command
Total
0
Shares
0
0
0
[[{“value”:”Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances.
The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system.
“An improper neutralization of special elements used in an OS command (‘OS command”}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

January 14, 2026
Next Post

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

January 14, 2026
Related Posts
2 min

APT28 Targeted European Entities Using Webhook-Based Macro Malware

The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo's LAB52 threat intelligence team, was active between September 2025 and January 2026. It has been codenamed Operation MacroMaze. "The campaign relies on basic tooling and the exploitation of legitimate services
info@thehackernews.com (The Hacker News)
February 23, 2026
Read More