Multiple firms have observed active exploitation of the FortiSandbox defects, and warn that the attacks originate from multiple sources, not a single campaign.

A vulnerability that meets all four criteria would need to be fixed within three days, for instance.

The defect marks the seventh actively exploited zero-day in Cisco SD-WANs this year, and the vendor has yet to release a patch.

The escalated threat posed by the defect showcases how quickly a seemingly mild vulnerability can turn into an urgent warning.

Attackers are hitting a frequent target in the network edge space, intruding victim networks through a defect in a widely used mobile endpoint security product.

The vendor hasn’t released a patch for the vulnerability or described the scope and objective of confirmed attacks.

The actively exploited defect could affect every mainstream Linux distribution built since 2017, but some researchers found Theori’s AI-generated disclosure unhelpful and lacking.

The agency added the flaw to the KEV list days after hosting providers confirmed active, ongoing attacks.

Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix.

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…