Blog – Page 359 – Cyber Mike

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Fortinet, Ivanti, and SAP have moved to address critical security flaws in their products that, if successfully exploited, could result in an authentication bypass and code execution.
The Fortinet vulnerabilities affect FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager and relate to a case of improper verification of a cryptographic signature. They are tracked as CVE-2025-59718 and

UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare

Britain and its allies face escalating “hybrid threats … designed to weaken critical national infrastructure, undermine our interests and interfere in our democracies.”

The post UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare appeared first on SecurityWeek.

SAP fixes three critical vulnerabilities across multiple products

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. […]

Windows PowerShell now warns when running Invoke-WebRequest scripts

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. […]

Adobe Patches Nearly 140 Vulnerabilities

The Experience Manager security update resolves 117 vulnerabilities, including 116 identified as cross-site scripting (XSS) bugs.

The post Adobe Patches Nearly 140 Vulnerabilities appeared first on SecurityWeek.

Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges.

The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek.

Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyber Defense

Promotions across Microsoft’s security organization reinforce the company’s shift toward AI-driven defense and tighter operational oversight under Global CISO Igor Tsyganskiy.

The post Microsoft Names New Operating CISOs in Strategic Move to Strengthen Cyber Defense appeared first on SecurityWeek.

Microsoft releases Windows 10 KB5071546 extended security update

Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws. […]

Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws

Microsoft’s December 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. […]

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication. […]

Cyber News