Luis Jose Polanco
@luipo_
Followers
546
Following
986
Media
491
Statuses
5K
Apasionado de las Redes, Diplomático,Tecnómano de Profesión, creyente por convicción
ÜT: 18.444808,-69.966044
Joined May 2009
Fortinet Auth Bypass Vulnerability Allows Attackers to Gain Full Control
cybersecuritynews.com
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems.
0
0
0
Fortinet Auth Bypass Vulnerability Allows Attackers to Gain Full Control
cybersecuritynews.com
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems.
0
0
0
SoupDealer Malware slipped past every public sandbox, antivirus solution, and even enterprise EDR/XDR platforms. Next headache!
cybersecuritynews.com
SoupDealer Java loader evades all defenses, targeting Windows users in Türkiye via phishing, loading payloads in memory over Tor.
0
0
0
Tactic:. The attackers sent sophisticated phishing emails impersonating U.S. State Department officials, encouraging victims to generate and share app-specific passwords-a lesser-known security loophole in Gmail.
instagram.com
0
0
0
Exposed Data breach includes Amazon, Apple, Nintendo, Snapchat, Spotify, X, WordPress, Yahoo, and many other types of login info.
dailyhodl.com
A veteran cybersecurity researcher says he's discovered a secret database containing the login credentials for over 184 million accounts across numerous platforms.
0
0
0
Microsoft identified over 394 000 Windows computers globally infected by Lumma malware. Microsoft, Europol, and international partners have disrupted Lumma’s infrastructure, cutting off communications between the malicious tool and victims #maas
europol.europa.eu
Europol’s European Cybercrime Centre has worked with Microsoft to disrupt Lumma Stealer (“Lumma”), the world’s most significant infostealer threat.
0
0
0
Developers and organizations running Node.js are strongly urged to update to the latest patched versions immediately. #cybersecurity
cybersecuritynews.com
The newly disclosed Node.js vulnerability (CVE-2025-23166) allows attackers to remotely crash Node.js processes, threatening the stability of services worldwide. Immediate patching is essential to...
0
0
0
Genius!!! (unless the super computer lifespan is only a few years and the cost to put in orbit is greater to the resources needed on earth)
scmp.com
Once complete, the space-based Three-Body Computing Constellation will support real-time, in-orbit data processing.
0
0
0
Attackers with knowledge of existing admin accounts can access devices as legitimate administrators, completely bypassing the authentication process. #cybersecurity
cybersecuritynews.com
Fortinet has disclosed a significant security vulnerability affecting multiple Fortinet products, allowing attackers to bypass authentication and gain administrative access to affected systems.
0
0
0
Fortinet has observed the threat actors deploying malware on hacked devices, adding cron jobs designed to harvest credentials, and dropping scripts to scan the victims' networks. #cybersecurity #fortinet
bleepingcomputer.com
Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems.
0
0
0
Las funciones de acceso remoto de los routers afectados han permitido a los delincuentes hacer que los dispositivos acaben formando parte de una botnet (red de equipos infectados). #cybersecurity
xatakamovil.com
Al igual que el móvil, el router también se actualiza. Es algo que no deberíamos descuidar, ya que haciéndolo nos aseguramos de que el dispositivo tiene los...
0
0
0
The vulnerability, tracked as CVE-2025-29824, was tagged by Microsoft as exploited in a limited number of attacks and patched during last month's Patch Tuesday.
bleepingcomputer.com
The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems.
0
0
0
Attackers can deploy a multi-stage attack chain consisting of a .NET loader malware functioning as a WebShell, followed by a malicious IIS native module that provides persistent control over the compromised server
cybersecuritynews.com
Threat actors deploying advanced IIS malware against South Korean web servers, allowing attackers to intercept and manipulate all incoming web traffic while remaining hidden from security solutions.
0
0
0
These devices, which were released many years back and no longer receive security updates from their vendors, are vulnerable to external attacks leveraging publicly available exploits to inject persistent malware.
bleepingcomputer.com
The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks.
0
0
0
An attacker can chain these vulnerabilities to make a sensitive system directory writable, elevate their privileges to SMA administrator, and write an executable file to a system directory. This chain results in root-level RCE
bleepingcomputer.com
SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks
0
0
0
A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.
thehackernews.com
Cisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote exploits.
0
0
0
This vulnerability allows attackers to map URLs to unintended filesystem locations, potentially leading to code execution or source code disclosure.
cybersecuritynews.com
The CISA has added CVE-2024-38475, a critical vulnerability affecting Apache HTTP Server, to its KEV catalog.
0
0
0