Cybersecurity and Infrastructure Security Agency (CISA)
Citrix rated the overall bulletin severity as high and assigned CVSS scores ranging from 6.9 to 8.8 across the six CVEs. (Photo by Justin Sullivan/Getty Images)
WASHINGTON, DC – JUNE 30: White House Office of Management and Budget Director Russell Vought testifies before a House Appropriations Subcommittee on Capitol Hill on June 30, 2026 in Washington, DC. The Subcommittee on Financial Services and General Government heard testimony from Vought on President Trump’s FY2027 budget request. (Photo by Anna Moneymaker/Getty Images)
Cisco Systems, Inc. logo and lettering can be seen on the Cisco Systems GmbH headquarters building in Garching near Munich (Bavaria). Cisco is a US company from the telecommunications industry and is primarily known for its routers and switches. (Photo by Matthias Balk/picture alliance via Getty Images)
Mandiant detailed the incident in a blog post Wednesday, but it’s unclear who was behind it or if they managed to get broad visibility into the victim’s…
A diffuse landscape, fruitful targets, companies not stepping up, AI’s influence and flagging U.S. government efforts all figure into a shifting threat.
Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign.