Tag

#perimeter-security

2 posts tagged #perimeter-security.

Analysis · May 11, 2026 · The Commentary Desk

Cisco is now telling you the patch doesn't clean the box

Cisco's April 23 PSIRT advisory says the ArcaneDoor implant survives upgrading to the September 2025 fixes for CVE-2025-20333 and CVE-2025-20362. Reimage, do not patch.
Analysis · May 8, 2026 · The Commentary Desk

Five critical Fortinet CVEs in 28 months is not a streak of bad luck

Three heap overflows, two auth bypasses, all pre-auth, all ransomware-linked. The pattern in FortiOS and FortiProxy is structural, and patching alone has not been enough to remove attacker access.