• Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
• NVD Revamps Operations as Vulnerability Reporting Surges
• Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today
• Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems
• Why security culture is crypto’s strongest asset
• Ransomware groups push negotiations to new levels of uncertainty
• Why remote work is a security minefield (and what you can do about it)
• iOS devices face twice the phishing attacks of Android
• New infosec products of the week: April 11, 2025
• Google Cloud: China Achieves “Cyber Superpower” Status
• Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity
• Over 40% of UK Businesses Faced Cybersecurity Breaches in 2024
• SpyNote Malware Targets Android Users with Fake Google Play Pages
• Trump orders revocation of security clearances for Chris Krebs, SentinelOne
• AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites
• Operation Endgame Continues with Smokeloader Customer Arrests
• WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit
• Precision-Validated Phishing Elevates Credential Theft Risks
• Ransomware Attacks Hit All-Time High as Payoffs Dwindle

A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original access vector was locked down, Fortinet has revealed on Thursday. “[Read-only access] was achieved via creating a symbolic link connecting the user filesystem and the root filesystem in a folder used to serve language files for the SSL-VPN,” Fortinet CISO Carl …