Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
Briefly

"This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day - like AI, VPNs, or app stores - to cause damage without setting off alarms. It's not just about hacking anymore. Criminals are building systems to make money, spy, or spread malware like it's a business."
"A vulnerability that was patched by Fortinet in FortiWeb Web Application Firewall (WAF) has been exploited in the wild since early October 2025 by threat actors to create malicious administrative accounts. The vulnerability, tracked as CVE-2025-64446 (CVSS score: 9.1), is a combination of two discrete flaws, a path traversal flaw and an authentication bypass, that could be exploited by an attacker to perform any privileged action."
Silent, stealthy attacks abused trusted tools and legitimate features such as AI, VPNs, and app stores to avoid detection and cause damage. Criminals are building operational systems to monetize spying, malware distribution, and espionage at scale. A high-severity vulnerability in the Fortinet FortiWeb WAF (CVE-2025-64446), which combines a path traversal flaw with an authentication bypass, has been patched but has been actively exploited since early October 2025 to create malicious administrative accounts. CISA added the flaw to its Known Exploited Vulnerabilities (KEV) catalog with a remediation deadline of November 21, 2025 for Federal Civilian Executive Branch (FCEB) agencies. The Europol-led Operation Endgame disrupted Rhadamanthys Stealer, Venom RAT, and the Elysium botnet and led to arrests and seizures.
Read at The Hacker News