The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Bleeping Computer

Fortinet warns admins to patch critical auth bypass bug immediately

Fortinet has warned administrators to update FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management platforms to the latest versions, which address a ...
ZDNet

Fortinet warns that critical authentication bypass flaw has been exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog. CISA on Tuesday added the flaw to the KEV catalog, a day ...
Threat Post

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit. A pair of bugs in the Kubernetes open-source cloud container software can be “highly dangerous” under ...
PC World

Authentication bypass bug exposes Foscam webcams to unauthorized access

The software used by many wireless IP cameras manufactured by Foscam Digital Technologies have a vulnerability that allows remote users to access their video streams and take snapshots without proper ...
Bleeping Computer

Fortinet says critical auth bypass bug is exploited in attacks

Fortinet has confirmed today that a critical authentication bypass security vulnerability patched last week is being exploited in the wild. The security flaw (CVE-2022-40684) is an auth bypass on the ...