Featured Story
Hackers Leak Configs and VPN Credentials for 15,000 FortiGate Devices
A new hacking group calling itself the "Belsen Group" has leaked configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices on the dark web. The group released this information via a Tor site, making it freely available to other cybercriminals.
This massive VPN credential leak underlines the importance of enforcing multi-factor authentication (MFA) and limiting VPN exposure. Organizations should monitor for breach indicators, patch FortiGate devices, and restrict remote access to reduce risk. Any VPN access without MFA is a significant vulnerability in 2025.
Other Stories
UK Registry Nominet Breached Via Ivanti Zero-Day
Nominet, the UK domain registry responsible for .uk, .wales, and .cymru, disclosed a security breach in which attackers exploited a zero-day vulnerability in Ivanti VPN appliances.
VPN infrastructure continues to be a high-value target. Even mature organizations like Nominet can fall victim to zero-day exploitation. This highlights the need for up-to-date patching, strong access controls, and defense-in-depth across perimeter systems.
OWASP’s New LLM Top 10 Shows Emerging AI Threats
OWASP has released a Top 10 list for Large Language Model (LLM) applications. With 63% of organizations piloting AI coding assistants, this guide highlights risks in AI-generated code and generative AI workflows.
OWASP’s LLM Top 10 is a crucial new resource for developers and cybersecurity teams. As AI becomes integral to development, understanding the risks it introduces is key to building safe, secure systems. These guidelines should be reviewed and adopted into secure coding practices.
Severe Rsync Vulnerabilities — CVSS 9.8 — Risk RCE and Data Leaks
Six vulnerabilities, including CVE-2024-12084, have been disclosed in the Rsync utility. These bugs allow remote code execution and data exfiltration. Affected users must upgrade to version 3.4.0.
Rsync is used in countless Linux/Unix environments. These vulnerabilities are severe, especially for systems using Rsync daemons over public mirrors. Patch now and audit Rsync configurations to prevent data leaks or remote exploitation.
Would Lidl Give a Vacuum Cleaner as a Gift? Beware of Scams
A phishing email is circulating claiming to be from Lidl, offering a vacuum cleaner as a reward. This is a scam designed to harvest user data and credentials through fake websites.
Don’t trust reward offers via email. Never click unknown links or download attachments. Forward suspicious messages to:
verdacht@safeonweb.be
suspect@safeonweb.be
suspicious@safeonweb.be
Our SOC is available to assist if you receive scam messages or need verification.
Contact the Approach Cyber SOC team for tailored support and training programs.