New Fortinet Web Firewall Flaw Under Attack
What happened: A fresh zero-day vulnerability in Fortinet’s web application firewall is being actively exploited.
What to do: Update your Fortinet devices immediately to the latest security patches.7-Zip Vulnerability Being Exploited Now
What happened: Hackers are targeting a recently found flaw in 7-Zip that allows remote code execution.
What to do: Make sure your 7-Zip software is updated to the latest version.ASUS Routers Hijacked in Global Attack
What happened: Thousands of outdated ASUS routers have been taken over through multiple vulnerabilities.
What to do: Update your router firmware or replace old devices no longer supported.Phishing Tool Upgrades to More Deceptive Attacks
What happened: The Sneaky2FA phishing kit now uses a trick that makes fake login windows look real.
What to do: Be extra cautious with login prompts and enable multi-factor authentication.WordPress Plugin W3 Total Cache Has Serious Flaw
What happened: A critical bug in a popular WordPress plugin lets attackers run harmful commands on websites.
What to do: Update the W3 Total Cache plugin or disable it if you can’t update immediately.Windows Registry Memory Flaw Exploited in Attacks
What happened: Researchers show how attackers can exploit memory corruption in Windows Registry hives.
What to do: Keep Windows systems fully patched and monitor for unusual activity.CISA Orders Fast Patch for Fortinet Flaw
What happened: U.S. government agencies have just 7 days to fix a new Fortinet vulnerability.
What to do: If you manage government or critical systems, prioritize patching Fortinet gear now.CoreAudio Fuzzing Reveals New Security Weaknesses
What happened: Security researchers found bugs in Apple’s audio system that could be exploited.
What to do: Keep Apple devices updated and watch for security announcements.
If You Only Do 3 Things Today
| Action (1 minute each) | Why it matters |
|---|---|
| Update Fortinet firewall and 7-Zip software | Stops active attacks exploiting known flaws |
| Check and update your router firmware | Prevents hijacking of vulnerable home or office routers |
| Enable multi-factor authentication (MFA) | Adds a strong layer of protection against phishing |
For Teams (super quick)
- Prioritize patching Fortinet WAF devices immediately to block active zero-day exploits.
- Scan for and update vulnerable 7-Zip installations across your network.
- Review router inventory for outdated ASUS models and plan replacements or firmware updates.
- Educate users about phishing risks, especially new tricks like Browser-in-the-Browser attacks.
- Audit WordPress sites for vulnerable plugins like W3 Total Cache and apply updates or mitigations.
Photo by John M. Smit on Unsplash