Fortinet and Cisco Face Critical Exploits as Cyber Threats Surge
Fortinet and Cisco Face Critical Exploits as Cyber Threats Surge
On January 17, 2026, cybersecurity professionals are on high alert due to critical vulnerabilities being exploited in widely-used products from Fortinet and Cisco. A command injection vulnerability (CVE-2025-64155) in Fortinet's FortiSIEM has been actively targeted, enabling attackers to execute arbitrary commands on affected systems. Organizations are strongly urged to apply the latest patches immediately to mitigate this significant risk.
Simultaneously, a zero-day vulnerability in Cisco's Secure Email Gateway poses severe threats, with unauthorized access attempts already reported. Companies leveraging this solution must prioritize updates to safeguard their email communications. These incidents underline the persistent challenges organizations face from advanced cyber threats, necessitating continuous vigilance and rapid response to vulnerabilities.
Also In Security Today
- StealC Malware Vulnerability: A cross-site scripting (XSS) vulnerability in the StealC malware's web control panel has been uncovered, allowing operators to steal session cookies and observe active sessions. Organizations must secure their interfaces to prevent exploitation. Read more.
- Ransomware Attack on Healthcare Provider: A healthcare provider has reported a ransomware attack impacting patient data. Investigations are ongoing, emphasizing the need for robust backup and recovery plans. Read more.
- Phishing Campaign Targets Financial Institutions: A new phishing campaign is targeting financial institutions, using AI-generated emails that appear legitimate. Organizations should enhance user training and email filtering mechanisms. Read more.