Indicators of Compromise

ISC Stormcast For Thursday, April 9th, 2026 https://isc.sans.edu/podcastdetail/9886, (Thu, Apr 9th)

SANS ISC →

U.S. CISA adds a flaw in Ivanti EPMM to its Known Exploited Vulnerabilities catalog

The U.S.

Security Affairs →

FortiGate CVE-2025-59718 Exploitation: Incident Response Findings

Rapid7’s Incident Response (IR) team was engaged to investigate an incident involving exploitation of CVE-2025-59718 against a vulnerable FortiGate appliance...

Rapid7 Blog →

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-1340 Ivanti End...

CISA Advisories →

Multiple OpenSSL Flaws Expose Sensitive Data in RSA KEM Handling

A newly disclosed flaw in OpenSSL could allow attackers to access sensitive data stored in application memory. Tracked as CVE-2026-31790, this moderate-sever...

GBHackers →

Docker Authorization Bypass Flaw Exposed Hosts to Potential Attackers

A high-severity security vulnerability has been discovered in Docker Engine, exposing hosts to potential authorization bypass attacks. Tracked as CVE-2026-34...

GBHackers →

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.

Help Net Security →

Claude Identifies Critical 13-Year-Old RCE Vulnerability in Apache ActiveMQ

An AI assistant recently uncovered a critical remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that went unnoticed for 13 years. Tracked ...

GBHackers →

OpenSSL 3.6.2 lands with eight CVE fixes

OpenSSL 3.6.

Help Net Security →

Tipps für CISOs, die die Branche wechseln wollen

Tipps für CISOs mit “Vertical-Switch-Ambitionen”. FotoDax | shutterstock.

CSO Online →

ISC Stormcast For Wednesday, April 8th, 2026 https://isc.sans.edu/podcastdetail/9884, (Wed, Apr 8th)

SANS ISC →

Active exploitation of max severity Flowise bug threatens broad compromise

More than 12,000 internet-exposed instances of open-source AI agent builder Flowise could be compromised by the ongoing exploitation of the maximum-severity ...

SC Media →

Immediate remediation of Fortinet FortiClient EMS bug ordered by CISA

BleepingComputer reports that the Cybersecurity and Infrastructure Security Agency has called on federal civilian executive agencies to remediate Fortinet Fo...

SC Media →

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Hackers have been exploiting a critical vulnerability in FortiClient Endpoint Management Server (FortiClient EMS) since at least the end of March. Fortinet h...

CSO Online →

Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution

Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to p...

Security Affairs →

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agen...

BleepingComputer →

Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access

A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specif...

The Hacker News →

Mitsubishi Electric GENESIS64 and ICONICS Suite products

View CSAF Summary Successful exploitation of these vulnerabilities could allow a local attacker to disclose SQL Server credentials used by the affected produ...

CISA Advisories →

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog

The U.S.

Security Affairs →

Attackers Exploit Flowise Injection Vulnerability as 15,000+ Instances Remain Exposed

A critical security flaw in Flowise, a popular open-source AI development platform, is currently being exploited in the wild. Tracked as CVE-2025-59528, this...

GBHackers →