The main attacks and vulnerabilities compiled by our experts last week: 18th—24th February.

Check out our Cyber Security weekly briefing: the main attacks and vulnerabilities found by our teams of experts.

Here are the most relevant headlines of the week, download our full report and take note:

Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb

Fortinet has issued a security advisory fixing two critical vulnerabilities affecting its FortiNAC and FortiWeb products.

Access credentials of two major data center operators exposed

The Resecurity team has published an investigation into the sale of login credentials of two data center operators in Asia, namely GDS Holdings Ltd. (China) and ST Telemedia Global Data Centres (Singapore).

Fake ChatGPT applications used to distribute malware

Kaspersky researchers warn of a fake Windows desktop version of ChatGPT being used to distribute malware.

Vulnerabilities in VMware products

VMware has issued two security advisories warning of two critical vulnerabilities affecting several of the company’s products:

  1. According to the vendor, the most critical security flaw has been reported as CVE-2023-20858, with a CVSSv3 of 9.1, which affects Carbon Black App Control.
  2. Another vulnerability has been published as CVE-2023-20855, with a CVSSv3 of 8.8 according to the vendor, which impacts vRealize Orchestrator, vRealize Automation, and Cloud Foundation products.

Phishing campaign via PayPal

Avanan researchers have reported a new phishing campaign sent from the PayPal platform.

Related news

Stay up to date. Get the latest news and trends
Sign Up