The Security Brief

A patch released three weeks ago has turned into a live incident. CVE-2026-20230, a flaw in Cisco Unified Communications Manager, is now being exploited in the wild, and an attacker who pulls it off lands with root on the server running an organisation's phone system. Cisco shipped the fix on 3 June. The attacks started over the weekend of 21 to 22 June. What Happened CVE-2026-20230 is a server-side request forgery weakness in Cisco Unified Communications Manager and its Sess

Roughly 75,000 Fortinet FortiGate firewalls have had their administrator credentials exposed in a dataset now circulating among researchers, and in all likelihood among criminals. These devices sit at the edge of corporate networks across 194 countries, and the credentials appear to be current. For any organisation running FortiGate as its perimeter, this is something to act on this week, not next quarter. What Happened The campaign, named FortiBleed, was first disclosed on 1

A critical authentication bypass in Check Point's Remote Access VPN has been quietly exploited since 7 May, and at least one of the resulting intrusions ended in Qilin ransomware. CISA has given US federal agencies just three days to patch. If your organisation still accepts IKEv1 VPN connections, this story is about you. What Happened On 8 June, Check Point disclosed CVE-2026-50751, a critical authentication bypass (CVSS 9.3) affecting Remote Access VPN, Mobile Access and Sp