Go Gadget News — Daily Curated Tech News_
// Daily curated byte-sized tech news from around the web. 235 stories pulled across 18 feeds. Cache rotates every 30 minutes.
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world
An alleged Russian-speaking group of cybercriminals are reportedly compromising and targeting several major companies that use Fortinet Firewalls and VPNs through previously known passwords.
iOS 27 Turns Your HomeKit Security System Into A 4K Powerhouse
Apple is overhauling how the Home app handles security camera footage in iOS 27. HomeKit Secure Video is getting some real upgrades from Apple Intelligence.
![](/go?u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffortibleed-leak-exposes-fortinet-vpn-credentials-for-73-000-devices%2F&t=FortiBleed%20leak%20exposes%20Fortinet%20VPN%20credentials%20for%2073%2C000%20devices.&s=BleepingComputer&i=https%3A%2F%2Fwww.bleepstatic.com%2Fcontent%2Fhl-images%2F2023%2F03%2F13%2FFortinet.jpg&d=A%20newly%20discovered%20data%20leak%20dubbed%20"FortiBleed"%20has%20exposed%20what%20appears%20to%20be%20a%20collection%20of%20Fortinet%20and%20FortiGate%20VPN%20credentials%20for%2073%2C932%20firewall%20URLs%20at%20organizations%20worldwide.%20[...])
FortiBleed leak exposes Fortinet VPN credentials for 73,000 devices.
A newly discovered data leak dubbed "FortiBleed" has exposed what appears to be a collection of Fortinet and FortiGate VPN credentials for 73,932 firewall URLs at organizations worldwide. [...]
Why Account Takeovers Are Rising and How to Stop Them
Account takeovers are rising as attackers bypass traditional defenses through phishing, session hijacking, and MFA fatigue. Specops Software explores how device trust and continuous verification help reduce account takeover risk. [...]
The White House app will reportedly be auto-installed on Homeland Security staff's devices
The White House app will be automatically loaded onto DHS staff's work phones, Politico said.
%20has%20ordered%20federal%20agencies%20to%20patch%20a%20maximum-severity%20flaw%20in%20the%20Widget%20Factory%20Joomla%20Content%20Editor%20(JCE)%20plugin%20that%20is%20being%20actively%20exploited%20in%20the%20wild.%20[...])
CISA orders feds to patch max severity Joomla plugin flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity flaw in the Widget Factory Joomla Content Editor (JCE) plugin that is being actively exploited in the wild. [...]
![](/go?u=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-working-on-defender-patch-for-rogueplanet-zero-day%2F&t=Microsoft%20working%20on%20Defender%20patch%20for%20RoguePlanet%20zero-day&s=BleepingComputer&i=https%3A%2F%2Fwww.bleepstatic.com%2Fcontent%2Fhl-images%2F2026%2F06%2F17%2FMicrosoft-Defender.jpg&d=Microsoft%20confirmed%20that%20it's%20working%20on%20a%20security%20patch%20for%20a%20Defender%20zero-day%20vulnerability%20named%20"RoguePlanet%2C"%20disclosed%20one%20week%20ago.%20[...])
Microsoft working on Defender patch for RoguePlanet zero-day
Microsoft confirmed that it's working on a security patch for a Defender zero-day vulnerability named "RoguePlanet," disclosed one week ago. [...]
Kodak confirms data breach claimed by ShinyHunters extortion gang
Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data. [...]
%22%2F%3E%0A%20%20%20%20%20%20%3Cstop%20offset%3D%22100%25%22%20stop-color%3D%22hsl(199%2070%25%208%25)%22%2F%3E%0A%20%20%20%20%3C%2FlinearGradient%3E%0A%20%20%20%20%3Cpattern%20id%3D%22grid%22%20width%3D%2240%22%20height%3D%2240%22%20patternUnits%3D%22userSpaceOnUse%22%3E%0A%20%20%20%20%20%20%3Cpath%20d%3D%22M%2040%200%20L%200%200%200%2040%22%20fill%3D%22none%22%20stroke%3D%22hsl(159%2080%25%2055%25%20%2F%200.18)%22%20stroke-width%3D%221%22%2F%3E%0A%20%20%20%20%3C%2Fpattern%3E%0A%20%20%3C%2Fdefs%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23g)%22%2F%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23grid)%22%2F%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%2280%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2222%22%20fill%3D%22hsl(159%2090%25%2070%25)%22%20letter-spacing%3D%222%22%3E%26gt%3B%20BLEEPINGCOMPUTER%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22240%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2228%22%20fill%3D%22hsl(0%200%25%2095%25)%22%20font-weight%3D%22700%22%3EUK%20to%20require%20ID%20or%20face%20scan%20before%20you%20can%20make%20social%20...%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22410%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2216%22%20fill%3D%22hsl(159%2060%25%2060%25%20%2F%200.8)%22%3E%5B%20no_preview.img%20%5D%3C%2Ftext%3E%0A%3C%2Fsvg%3E)
UK to require ID or face scan before you can make social media accounts
Opening a new social media account in the UK will soon mean proving you're over 16 with an ID upload or a facial age scan, under a government ban on under-16s taking effect in spring 2027. Security experts warn the age checks are easy to ci
%22%2F%3E%0A%20%20%20%20%20%20%3Cstop%20offset%3D%22100%25%22%20stop-color%3D%22hsl(199%2070%25%208%25)%22%2F%3E%0A%20%20%20%20%3C%2FlinearGradient%3E%0A%20%20%20%20%3Cpattern%20id%3D%22grid%22%20width%3D%2240%22%20height%3D%2240%22%20patternUnits%3D%22userSpaceOnUse%22%3E%0A%20%20%20%20%20%20%3Cpath%20d%3D%22M%2040%200%20L%200%200%200%2040%22%20fill%3D%22none%22%20stroke%3D%22hsl(159%2080%25%2055%25%20%2F%200.18)%22%20stroke-width%3D%221%22%2F%3E%0A%20%20%20%20%3C%2Fpattern%3E%0A%20%20%3C%2Fdefs%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23g)%22%2F%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23grid)%22%2F%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%2280%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2222%22%20fill%3D%22hsl(159%2090%25%2070%25)%22%20letter-spacing%3D%222%22%3E%26gt%3B%20BLEEPINGCOMPUTER%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22240%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2228%22%20fill%3D%22hsl(0%200%25%2095%25)%22%20font-weight%3D%22700%22%3EGhostTree%20Attack%20Abused%20Recursive%20Windows%20Junctions%20to%20Hi...%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22410%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2216%22%20fill%3D%22hsl(159%2060%25%2060%25%20%2F%200.8)%22%3E%5B%20no_preview.img%20%5D%3C%2Ftext%3E%0A%3C%2Fsvg%3E)
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving malware undetected. [...]
%22%2F%3E%0A%20%20%20%20%20%20%3Cstop%20offset%3D%22100%25%22%20stop-color%3D%22hsl(199%2070%25%208%25)%22%2F%3E%0A%20%20%20%20%3C%2FlinearGradient%3E%0A%20%20%20%20%3Cpattern%20id%3D%22grid%22%20width%3D%2240%22%20height%3D%2240%22%20patternUnits%3D%22userSpaceOnUse%22%3E%0A%20%20%20%20%20%20%3Cpath%20d%3D%22M%2040%200%20L%200%200%200%2040%22%20fill%3D%22none%22%20stroke%3D%22hsl(159%2080%25%2055%25%20%2F%200.18)%22%20stroke-width%3D%221%22%2F%3E%0A%20%20%20%20%3C%2Fpattern%3E%0A%20%20%3C%2Fdefs%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23g)%22%2F%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23grid)%22%2F%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%2280%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2222%22%20fill%3D%22hsl(159%2090%25%2070%25)%22%20letter-spacing%3D%222%22%3E%26gt%3B%20BLEEPINGCOMPUTER%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22240%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2228%22%20fill%3D%22hsl(0%200%25%2095%25)%22%20font-weight%3D%22700%22%3ECISA%20warns%20of%20another%20cPanel%20plugin%20flaw%20exploited%20in%20att...%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22410%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2216%22%20fill%3D%22hsl(159%2060%25%2060%25%20%2F%200.8)%22%3E%5B%20no_preview.img%20%5D%3C%2Ftext%3E%0A%3C%2Fsvg%3E)
CISA warns of another cPanel plugin flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. [..
%22%2F%3E%0A%20%20%20%20%20%20%3Cstop%20offset%3D%22100%25%22%20stop-color%3D%22hsl(199%2070%25%208%25)%22%2F%3E%0A%20%20%20%20%3C%2FlinearGradient%3E%0A%20%20%20%20%3Cpattern%20id%3D%22grid%22%20width%3D%2240%22%20height%3D%2240%22%20patternUnits%3D%22userSpaceOnUse%22%3E%0A%20%20%20%20%20%20%3Cpath%20d%3D%22M%2040%200%20L%200%200%200%2040%22%20fill%3D%22none%22%20stroke%3D%22hsl(159%2080%25%2055%25%20%2F%200.18)%22%20stroke-width%3D%221%22%2F%3E%0A%20%20%20%20%3C%2Fpattern%3E%0A%20%20%3C%2Fdefs%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23g)%22%2F%3E%0A%20%20%3Crect%20width%3D%22800%22%20height%3D%22450%22%20fill%3D%22url(%23grid)%22%2F%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%2280%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2222%22%20fill%3D%22hsl(159%2090%25%2070%25)%22%20letter-spacing%3D%222%22%3E%26gt%3B%20BLEEPINGCOMPUTER%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22240%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2228%22%20fill%3D%22hsl(0%200%25%2095%25)%22%20font-weight%3D%22700%22%3ERansomware%20gang%20abuses%20Microsoft%20Teams%20relays%20to%20hide%20mal...%3C%2Ftext%3E%0A%20%20%3Ctext%20x%3D%2240%22%20y%3D%22410%22%20font-family%3D%22ui-monospace%2C%20SFMono-Regular%2C%20Menlo%2C%20monospace%22%20font-size%3D%2216%22%20fill%3D%22hsl(159%2060%25%2060%25%20%2F%200.8)%22%3E%5B%20no_preview.img%20%5D%3C%2Ftext%3E%0A%3C%2Fsvg%3E)
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. [...]