Bleeping Computer

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. FortiWeb ...
Wired

Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ Attacks

In recent years, elite commercial spyware vendors like Intellexa and NSO Group have developed an array of powerful hacking tools that exploit rare and unpatched “zero-day” software vulnerabilities to ...
Ars Technica

Commercial spyware vendor exploits used by Kremlin-backed hackers, Google says

Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surveillance vendors (CSVs) represents a worldwide danger because they inevitably find their way ...