Cyber: ⚡ Weekly Recap: Fortinet Exploits, Redline Clipjack, Ntlm Crack,...

In cybersecurity, the line between a normal update and a serious incident keeps getting thinner. Systems that once felt reliable are now under pressure from constant change. New AI tools, connected devices, and automated systems quietly create more ways in, often faster than security teams can react. This week's stories show how easily a small mistake or hidden service can turn into a real break-in.

Behind the headlines, the pattern is clear. Automation is being used against the people who built it. Attackers reuse existing systems instead of building new ones. They move faster than most organizations can patch or respond. From quiet code flaws to malware that changes while it runs, attacks are focusing less on speed and more on staying hidden and in control.

If you're protecting anything connected—developer tools, cloud systems, or internal networks—this edition shows where attacks are going next, not where they used to be.

Critical Fortinet Flaw Comes Under Attack — A critical security flaw in Fortinet FortiSIEM has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-64155 (CVSS score: 9.4), allows an unauthenticated attacker to execute unauthorized code or commands via crafted TCP requests. In a technical analysis, Horizon3.ai described the issue as comprising two issues: an unauthenticated argument injection vulnerability that leads to arbitrary file write, allowing for remote code execution as the admin user, and a file overwrite privilege escalation vulnerability that leads to root access and complete compromise of the appliance. The vulnerability affects the phMonitor service, an internal FortiSIEM component that runs with elevated privileges and plays an integral role in system health and monitoring. Because the service is deeply embedded in FortiSIEM's operational workflow, successful exploitation grants attackers full control of the appliance.

Today's phishing attacks involve AI voices, videos, and exec deepfakes. Adaptive Security is the first security awareness platform built to stop AI-powered social engineering. Adaptive protects your team with custom training and deepfake simulations featuring your own executives.

Hackers act fast. They can use new bugs within hours. One missed update can cause a big breach. Here are this week's most serious security flaws. Check them, fix what matters first, and stay protected.

This week's list includes — CVE-2025-20393 (Cisco AsyncOS Software), CVE-2026-23550 (Modular D

Source: The Hacker News