Latest News

1 minute read

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

info@thehackernews.com (The Hacker News)

January 14, 2026

Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances. The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system. “An improper neutralization of special elements used in an OS command (‘OS command

[[{“value”:”Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances.
The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system.
“An improper neutralization of special elements used in an OS command (‘OS command”}]] The Hacker News

Latest News

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

January 14, 2026

Latest News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

January 14, 2026

3 min

Latest News

Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm

Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open VSX Registry in which unidentified threat actors compromised a legitimate developer's resources to push malicious updates to downstream users. "On January 30, 2026, four established Open VSX extensions published by the oorzc author had malicious versions published to Open VSX that embed the GlassWorm

info@thehackernews.com (The Hacker News)

February 2, 2026

2 min

Latest News

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years. The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and including version 2.7. "Telnetd in GNU Inetutils through 2.7 allows remote authentication bypass

info@thehackernews.com (The Hacker News)

January 22, 2026

2 min

Latest News

Cyberattack ate up profits for first half of year, retailer M&S says

The cyberattack on the British retailer Marks & Spencer (M&S) caused profits at the company to plunge to…

admin

November 5, 2025

Hand-Picked Top-Read Stories

Dutch police arrest 21-year-old for alleged involvement in JokerOTP password stealer

Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

Trending Tags

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Previous Post

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Next Post

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Dutch police arrest 21-year-old for alleged involvement in JokerOTP password stealer

Nation-state hackers ramping up use of Gemini for target reconnaissance, malware coding, Google says

ThreatsDay Bulletin: AI Prompt RCE, Claude 0-Click, RenEngine Loader, Auto 0-Days & 25+ Stories

The CTEM Divide: Why 84% of Security Programs Are Falling Behind

83% of Ivanti EPMM Exploits Linked to Single IP on Bulletproof Hosting Infrastructure

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Previous Post

Next Post

Related Posts