CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of Russian-speaking threat actors, has been codenamed FortiBleed. The number of ...
Read More »Author Archives: firewallfirmadmin
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant
Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant https://firewall.firm.in/wp-content/uploads/2026/06/hotel-photo-zip.jpg Swati KhandelwalJun 26, 2026Phishing / Malware An active phishing campaign has been targeting hotel and other hospitality organizations across Europe and Asia since April 2026, using photo-themed ZIP files to drop a Node.js implant and dig into front-desk machines, Microsoft says. The company has not attributed the activity to ...
Read More »Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack
Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack https://firewall.firm.in/wp-content/uploads/2026/06/Miasma.jpg Cybersecurity researchers have flagged yet another evolution of the supply chain attack linked to the Mini Shai-Hulud, Miasma, and Hades malware family that has compromised a new set of npm packages, even as it has propagated to the Go ecosystem. “The latest activity includes malicious npm releases ...
Read More »Guardian Agents: The Next Layer of Identity Governance
Guardian Agents: The Next Layer of Identity Governance https://firewall.firm.in/wp-content/uploads/2026/06/guardian-agents.jpg AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal oversight. The identity infrastructure built to govern human access wasn’t designed for autonomous actors, and the gap between what enterprises are deploying and what their governance programs actually cover is widening fast. ...
Read More »New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets
New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets https://firewall.firm.in/wp-content/uploads/2026/06/dirtyclone.jpg Swati KhandelwalJun 26, 2026Linux / Vulnerability DirtyClone is a new Linux kernel privilege escalation in the DirtyFrag family. JFrog Security Research published a working exploit walkthrough for the flaw on June 25, the first public demonstration for this variant. Tracked as CVE-2026-43503 (CVSS 8.8), it lets a local user corrupt ...
Read More »CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue
CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue https://firewall.firm.in/wp-content/uploads/2026/06/ptc.jpg Ravie LakshmananJun 26, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical remote code execution vulnerability impacting PTC Windchill PDMlink and PTC FlexPLM enterprise Product Data Management (PDM) and Product Lifecycle Management (PLM) software to its Known ...
Read More »Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs https://firewall.firm.in/wp-content/uploads/2026/06/aws.jpg Swati KhandelwalJun 26, 2026AI Security / Vulnerability A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud credentials. The path was short: a developer opens the repo, trusts the workspace, and Amazon Q does the rest. Amazon has ...
Read More »New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries
New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries https://firewall.firm.in/wp-content/uploads/2026/06/linux-cow.jpg Swati KhandelwalJun 26, 2026Linux / Vulnerability A flaw in the Linux kernel’s traffic-control subsystem can let a local unprivileged user gain root on affected systems. CVE-2026-46331, nicknamed “pedit COW,” is an out-of-bounds write in the packet-editing action (act_pedit) that corrupts shared page-cache memory. A public, working exploit appeared within ...
Read More »New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks
New SharkLoader Malware Deploys Cobalt Strike in StrikeShark Cyberattacks https://firewall.firm.in/wp-content/uploads/2026/06/shark.jpg A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt Strike Beacon on compromised hosts. Kaspersky, which is tracking the activity under the moniker StrikeShark, said the campaign has targeted a diplomatic organization in Indonesia, ...
Read More »FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys
FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys https://firewall.firm.in/wp-content/uploads/2026/06/signal-phishing.jpg Swati KhandelwalJun 26, 2026Secure Messaging / Social Engineering The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, and the operators have added a step: they now coax targets into handing over their Signal Backup Recovery Key. Hand it over once, and the attacker can restore ...
Read More »
Firewall Security Company India Complete Firewall Security Solutions Provider Company in India











