Bugs Caught in the FortiWeb: Active Attacks Target FortiWeb Zero-Days
Fortinet has recently addressed two actively exploited zero-days in its FortiWeb web application firewall (WAF). These flaws, a command injection…
Security
Legal Restrictions on Vulnerability Disclosure
Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure…
Zero-Day Vulnerability: How Dangerous Are They?
Zero-day vulnerabilities sit at the center of many high-profile cyberattacks. Security teams race to defend their environments, while attackers exploit…
DoorDash data breach exposes personal info after social engineering attack
DoorDash says a social engineering attack led to a data breach exposing names, addresses, emails, and phone numbers of users,…
AI and Voter Engagement
Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to…
More Prompt||GTFO
The next three in this series on online events highlighting interesting uses of AI in cybersecurity are online: #4, #5,…
FortiWeb at Risk: Unauthenticated Attackers Gaining Full WAF Control via Admin Creation
A critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewalls (WAF), identified as CVE-2025-64446 with a CVSS score of…
Weekly Update 478
Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing This week, it was…
Friday Squid Blogging: Pilot Whales Eat a Lot of Squid
Short-finned pilot wales (Globicephala macrorhynchus) eat at lot of squid: To figure out a short-finned pilot whale’s caloric intake, Gough…
The Role of Humans in an AI-Powered World
As AI capabilities grow, we must delineate the roles that should remain exclusively human. The line seems to be between…