Month: October 2025

As of October 15, 2025, enterprise operators of Fortinet and Ivanti platforms should immediately review and apply October 2025 security patches and advisories. Fortinet published multiple PSIRTs, including issues in FortiOS/FortiProxy ZTNA, FortiOS CLI controls on specific appliances, FortiIsolator authentication/session handling, FortiClientMac LaunchDaemon permissions, and weak authentication affecting FortiPAM and FortiSwitchManager. Patches and fixed versions are available per PSIRT/NVD.

Red Hat disclosed on October 2, 2025 that a third party accessed a GitLab instance used for internal collaboration by Red Hat Consulting in select engagements; Red Hat removed access, isolated the instance, involved authorities, and is continuing the investigation. The company emphasized the incident is confined specifically to that Consulting GitLab environment. [1][2]. (redhat.com) Who claims what A group calling itself Crimson Collective