Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Cisco
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …

Cisco
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

SonicWall
SonicWall says attackers compromised some firewall configuration backup files

Between attackers exploiting 0-day and n-day vulnerabilities in the company’s firewalls and Secure Mobile Access appliances, SonicWall and its customers have had a tough …

Fortinet
Brute-force attacks hammer Fortinet devices worldwide

A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed …

SonicWall
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. …

SonicWall
SonicWall firewalls targeted in ransomware attacks, possibly via zero-day

Attackers wielding the Akira ransomware and possibly a zero-day exploit have been spotted targeting SonicWall firewalls since July 15, 2025. “In the intrusions reviewed, …

Palo Alto Networks
PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108)

Palo Alto Networks has fixed a high-severity authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-gen firewalls, a proof-of-concept …

Fortinet
48,000+ internet-facing Fortinet firewalls still open to attack

Despite last week’s confirmation of and warnings about long-standing exploitation of CVE-2024-55591, a critical vulnerability affecting Fortinet Fortigate firewalls, too …

Fortinet
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?

A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been …

Fortinet
Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)

Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day …

SafeLine WAF
SafeLine: Open-source web application firewall (WAF)

SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web …

Palo Alto Networks
2,000 Palo Alto Networks devices compromised in latest attacks

Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools