CISA Warns of Actively Exploited Fortinet Zero-Day; FBI Details Akira Ransomware's $250M Spree

Publication Date: November 16, 2025

Summary

Cybersecurity news for November 15-16, 2025, is dominated by the active exploitation of a critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb WAF, which prompted an emergency directive from CISA. Concurrently, the FBI and CISA issued a stark warning about the Akira ransomware gang, which has extorted nearly $250 million from critical infrastructure sectors by exploiting VPNs. Other major developments include the discovery of an APT using two zero-days against Cisco and Citrix systems, a proposed overhaul of UK cybersecurity law, and a documented 30% surge in ransomware attacks in October, highlighting the rise of new groups like Qilin and Sinobi.

Today New Articles

Critical RCE Flaws in AI Engines From Meta, NVIDIA, Microsoft Discovered

Security researchers have discovered critical remote code execution (RCE) vulnerabilities in widely used AI inference servers from major tech companies, including Meta, NVIDIA, and Microsoft, as well as open-source projects like vLLM. The vulnerabilities stem...


RansomHouse Hits H&M and Adidas Supplier in Major Fashion Supply Chain Attack

The RansomHouse ransomware group has attacked Fulgar S.p.A., a major Italian textile manufacturer and a key supplier for global fashion brands like H&M and Adidas. The attack, confirmed on November 3, 2025, resulted in the exfiltration and leak of sensitive co...


Pig Butchering Scams Evolve into Global Cybercrime Menace, FBI Warns

A new threat intelligence report, supported by warnings from the FBI, details the rapid evolution of "Pig Butchering" scams into one of the most economically damaging forms of global cybercrime. These sophisticated, long-con investment schemes leverage social...

Article Updates

Ransomware Attacks Surge 50% in 2025; Qilin Group Takes the Lead

Update: Ransomware activity saw a significant 30% increase in October 2025, reaching 623 incidents, marking the second-highest monthly total on record. The year-to-date total now exceeds 5,194 incidents, a 50% rise from 2024. The Qilin group continues to lead, claimin...


APT Caught Exploiting Cisco & Citrix Zero-Days in Sophisticated Attack

Update: The Citrix vulnerability, CVE-2025-5777, has been dubbed 'CitrixBleed 2'. Further technical analysis of CVE-2025-20337 in Cisco ISE reveals it is a deserialization flaw in an undocumented API endpoint, exploited via an anomalous payload. The attack chain align...


Checkout.com Rejects Ransom After ShinyHunters Breach, Donates to Research

Update: Further reports confirm Checkout.com's data breach and subsequent extortion attempt. The company continues to assert that no sensitive cardholder or financial data was compromised, reinforcing its initial statements. Checkout.com maintained its refusal to enga...


Fortinet Patches Actively Exploited FortiWeb Zero-Day (CVE-2025-64446)

Update: New intelligence reveals attackers exploiting CVE-2025-64446 are creating unauthorized administrator accounts on compromised FortiWeb devices to establish persistence. This critical development escalates the threat, as it ensures continued access even after in...