symlink
Over 16,000 Fortinet devices compromised with symlink backdoor
Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. This exposure is being reported by threat monitoring platform The Shadowserver Foundation, which initially reported 14,000 devices were exposed. Today, Shadowserver’s Piotr Kijewski told GeekFeed that the cybersecurity organization […]
Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. Earlier this week, Fortinet began sending emails to customers warning that their FortiGate/FortiOS devices were compromised based on telemetry received from FortiGuard devices. These emails were […]
WinRAR flaw bypasses Windows Mark of the Web security alerts
A vulnerability in the WinRAR file archiver solution could be exploited to bypass the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows machine. The security issue is tracked as CVE-2025-31334 and affects all WinRAR versions except the most recent release, which is currently 7.11. Mark of the Web is […]