brangberg – Page 159

Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution

Fortinet has released updates to fix a critical security flaw impacting FortiSIEM that could allow an unauthenticated attacker to achieve code execution on susceptible instances.
The operating system (OS) injection vulnerability, tracked as CVE-2025-64155, is rated 9.4 out of 10.0 on the CVSS scoring system.
“An improper neutralization of special elements used in an OS command (‘OS command

WitnessAI Raises $58 Million for AI Security Platform

The company will use the fresh investment to accelerate its global go-to-market and product expansion.

The post WitnessAI Raises $58 Million for AI Security Platform appeared first on SecurityWeek.

Victorian Department of Education says hackers stole students’ data

The Department of Education in Victoria, Australia, notified parents that attackers gained access to a database containing the personal information of current and former students. […]

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024.
Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise.
Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%).

Download the

Robo-Advisor Betterment Discloses Data Breach

A threat actor breached Betterment’s systems, accessed customer information, and sent scam crypto-related messages.

The post Robo-Advisor Betterment Discloses Data Breach appeared first on SecurityWeek.

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Exploitable without authentication, the two security defects could lead to configuration leak and code execution.

The post Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM appeared first on SecurityWeek.

Microsoft: Windows 365 update blocks access to Cloud PC sessions

Microsoft confirmed that a recent Windows 365 update is blocking customers from accessing their Microsoft 365 Cloud PC sessions. […]

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution.

The post Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited

Microsoft on Tuesday rolled out its first security update for 2026, addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild.
Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code

Monroe University says 2024 data breach affects 320,000 people

Monroe University revealed that threat actors stole the personal, financial, and health information of over 320,000 people after breaching its systems in a December 2024 cyberattack. […]

Author: brangberg