Fortinet has disclosed a critical OS command injection vulnerability (CVE-2025-25256) in its FortiSIEM security information and event management software, with practical exploit code observed in the wild. The flaw allows unauthenticated attackers to execute unauthorized commands via crafted CLI requests. Concurrently, Cisco has warned of a maximum-severity (CVSS 10.0) vulnerability in its Secure Firewall Management Center (FMC) affecting RADIUS authentication, which enables remote code execution without any login. Security researchers have also reported a surge in brute-force attempts targeting these vulnerabilities. Additionally, cybersecurity firms have identified ongoing threats, including a modular malware framework called "PS1Bot" used in an active malvertising campaign, and multiple malicious Go packages that use obfuscation techniques to hide their payload-retrieval commands. A new attack chain spreading the DarkCloud infostealer via ConfuserEx-based obfuscation has also been documented. Separately, more than 29,000 instances of a high-severity on-premises Microsoft Exchange Server flaw remain unpatched despite advisories from Microsoft and CISA.
The DarkCloud infostealer is being spread via a new attack chain leveraging ConfuserEx-based obfuscation, @Unit42_Intel reported. #cybersecurity #infosec #ITsecurity https://t.co/TyPX7ClPDX
An OS command injection vulnerability in FortiSIEM has been observed exploited in the wild, according to @Fortinet. The bug could let unauthenticated hackers execute unauthorized code or commands via a crafted CLI request. #cybersecurity #infosec https://t.co/pIUvaxIvS8
Cisco warns of max severity flaw in Firewall Management Center https://t.co/gCKNIJbNZM