Skip to content

Author: Brandon Cummings

Brandon is the Director of Platform Development at Léargas Security Inc., with over 20 years of experience in software development and data modeling. Known for his expertise in backend and frontend frameworks, he has been pivotal in projects focused on data analysis and reporting. With a keen eye for detail and a relentless pursuit of excellence, Brandon excels at transforming complex requirements into scalable, robust solutions. Before joining Léargas, Brandon specialized in scalable deployments and security solutions, contributing to companies like Dell and IBM by enhancing their data analytics and user experience. Skilled in JavaScript, Python, React, and Node.js, he brings technical versatility and fosters a culture of innovation and collaboration.

FortiCloud SSO Authentication Bypass in Fortinet FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager

December 9, 2025 | | 7 minutes
Fortinet has released security fixes for four vulnerabilities that affect authentication and login flows across multiple products, including two critical FortiCloud SSO authentication bypass issues in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager (CVE‑2025‑59718 and CVE‑2025‑59719) and additional login weaknesses in FortiSOAR (CVE‑2025‑59808) and FortiWeb (CVE‑2025‑64471). As of December 9, 2025, patches are available, and administrators are urged to disable FortiCloud SSO login where in use
Read More
Brandon CummingsBy Brandon Cummings

Inside the Salesloft Drift OAuth Breach: How OAuth Tokens Fueled a Salesforce Data Theft Campaign—and How to Respond

August 29, 2025 | , , | 7 minutes
A coordinated data theft campaign leveraged compromised OAuth access and refresh tokens tied to the Salesloft Drift integration to pull large datasets from many organizations’ Salesforce instances. Google’s Threat Intelligence Group (GTIG) attributes the activity to UNC6395 and observed systematic SOQL querying focused on harvesting credentials and secrets from CRM records. The activity window runs from at least August 8 to August 18, 2025;
Read More
Brandon CummingsBy Brandon Cummings

CISA ICS Advisories (August 28, 2025): Nine Vendor Vulnerabilities, CVEs, and Fixes

August 29, 2025 | , , , | 10 minutes
On August 28 2025, CISA published nine advisories covering Mitsubishi Electric, Schneider Electric, Delta Electronics, GE Vernova, and Hitachi Energy. Several issues are remotely exploitable with low attack complexity; patches exist for many products, while some Mitsubishi Electric PLC weaknesses require compensating controls only. No known public exploitation is reported as of August 28, 2025 [1]. (cisa.gov) Overview These ICS advisories span PLCs, HMI/SCADA
Read More
Brandon CummingsBy Brandon Cummings