Fortinet Zero-Day Exploitation and CISA Directive — Dark Reading

Fortinet has issued an emergency patch for a zero-day vulnerability, CVE-2026-35616, in FortiClient, which allows for authentication bypass. This flaw has been actively exploited, prompting CISA to mandate federal agencies to patch the Fortinet EMS flaw by Friday. This highlights the urgency for organizations using Fortinet products to apply the patch immediately to prevent unauthorized access and potential data breaches.

German Authorities Identify REvil and GandCrab Leaders — BleepingComputer

German Federal Police have identified two Russian nationals as the leaders of the notorious ransomware groups REvil and GandCrab. This identification follows extensive investigations into the ransomware operations that have targeted numerous organizations globally. Security teams should be aware of the potential for retaliatory attacks and ensure robust defenses against ransomware threats, particularly those linked to these groups.

• New GPUBreach attack enables system takeover via GPU rowhammer [BleepingComputer]
• AI-Assisted Supply Chain Attack Targets GitHub [Dark Reading]
• Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations [The Hacker News]
• DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea [The Hacker News]