Breaking News – Cyber Threats (last 6h)
Generated: 2025-12-25 02:00 PST
- Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
The Hacker News • 2025-12-25 00:22 • thehackernews.com
Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain configurations.
The vulnerability in question is CVE-2020-12812 (CVSS score: 5.2), an improper authentication vulnerability in SSL VPN in FortiOS that could allow a user to log in successfully without being prompted for the second factor of authentication if the
https://thehackernews.com/2025/12/fortinet-warns-of-active-exploitation.html - CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
The Hacker News • 2025-12-25 00:07 • thehackernews.com
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video recorders (NVRs) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2023-52163 (CVSS score: 8.8), relates to a case of command injection that allows post-authentication remote code
https://thehackernews.com/2025/12/cisa-flags-actively-exploited-digiever.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
