‼️🚨 Unauthenticated attackers are gaining SYSTEM on domain controllers with crafted packets.
The vulnerability being exploited is CVE-2026-41089, a CVSS 9.8 hole in Windows Netlogon, and exploitation in the wild has been confirmed.
A patch has existed since May 12. Every DC still behind is not just vulnerable but, according to the Centre for Cybersecurity Belgium, is also actively being pwned.
@sweexx9 Where did you get so much text to say so much nonsense all at once? Those are all tools for Wi-Fi, Bluetooth or similar spectrums; you have nothing satellite-related there.
🚨 Ivanti, Fortinet, and SAP release patches for critical flaws that could enable code execution, admin takeover, or data exposure.
The worst one hits Ivanti Sentry, a CVSS 10.0 remote root-level RCE with no login needed.
FortiSandbox got a 9.1 command injection fix, and SAP patched four critical bugs, including SAML identity tampering.
Read: https://t.co/nAbhKKRAoP
🚨 Fortinet FortiSandbox Vulnerability Allows Attackers to Execute Unauthorized Commands
Source: https://t.co/e9XjG1eXZT
Fortinet has disclosed a critical security vulnerability in its FortiSandbox product line that could allow unauthenticated remote attackers to execute arbitrary OS commands through the web interface.
The flaw, tracked as CVE-2026-25089 and assigned a CVSSv3 score of 9.1 (Critical), affects multiple versions of FortiSandbox, FortiSandbox Cloud, and FortiSandbox PaaS deployments.
The vulnerability stems from an improper neutralization of special elements used in an OS command (CWE-78), commonly known as OS command injection, present in the FortiSandbox Web UI.
By sending specifically crafted HTTP requests, a remote, unauthenticated attacker can exploit this flaw to execute unauthorized commands on the underlying system.
#cybersecuritynews
🚨 A single domain user could run code on your Veeam Backup Server.
Veeam has patched a critical RCE flaw (CVE-2026-44963, CVSS 9.4) in Backup & Replication.
All v12 builds up to 12.3.2.4465 are affected. Fixed in 12.3.2.4854. v13.x is safe.
Patch now: https://t.co/ZIuU1eGBif
🚨 Microsoft Patch Tuesday June 2026 – 198 Vulnerabilities Fixed, Including 3 Zero-days
Source: https://t.co/Csceg0d4Iv
Microsoft has released its June 2026 Patch Tuesday security updates, addressing a hefty 198 vulnerabilities across its product ecosystem.
The June rollout, published on June 9, 2026, stands out not only for its volume but also for the inclusion of three zero-day vulnerabilities that were actively exploited or publicly known before a fix was available.
Given three actively known zero-days and multiple Critical RCEs, security teams should test and deploy this month's updates without delay, prioritizing BitLocker, HTTP.sys, Remote Desktop, and Hyper-V hosts.
#cybersecuritynews
🚨 WARNING: Google just fixed a Chrome zero-day already used in real attacks.
The bug (CVE-2026-11645) hits V8, Chrome’s JavaScript engine, and can let attackers run code through a crafted HTML page.
Update your browser now.
Read the full story: https://t.co/nt5rUrsDwx