⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire...

This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms.

It's not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it's a business. And in some cases, they're using the same apps and services that businesses rely on — flipping the script without anyone noticing at first.

The scary part? Some threats weren't even bugs — just clever use of features we all take for granted. And by the time people figured it out, the damage was done.

Let's look at what really happened, why it matters, and what we should all be thinking about now.

Silently Patched Fortinet Flaw Comes Under Attack — A vulnerability that was patched by Fortinet in FortiWeb Web Application Firewall (WAF) has been exploited in the wild since early October 2025 by threat actors to create malicious administrative accounts. The vulnerability, tracked as CVE-2025-64446 (CVSS score: 9.1), is a combination of two discrete flaws, a path traversal flaw and an authentication bypass, that could be exploited by an attacker to perform any privileged action. It's currently not known who is behind the exploitation activity. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by November 21, 2025.

Attackers don't wait. A missed patch today can be a foothold tomorrow. All it takes is one overlooked CVE to open the door wide. This week's top vulnerabilities are already on threat actors' radar — scan the list, fix fast, and don't give them a head start.

This week's list includes — CVE-2025-64446 (Fortinet FortiWeb), CVE-2025-64740, CVE-2025-64741, CVE-2025-64738, CVE-2025-64739 (Zoom), CVE-2025-12485 (Devolutions Server), CVE-2025-59396 (WatchGuard Firebox), CVE-2025-42890

CVE Details

Affected Product: Fortinet
Impact: path traversal