Fortinet Exploits, AI-Powered Attacks & Emerging Malware Dominate Recent Cybersecurity Landscape

When Your CEO Calls, Will You Know It’s Real?

Phishing attacks are evolving with AI; attackers now leverage voice and video deepfakes of executives, making it increasingly difficult to discern legitimate communications from malicious impersonations. This week’s cybersecurity news underscores this threat, with a critical Fortinet flaw actively exploited and a rise in cloud-native malware designed for long-term access.

Why This Matters

Current security models often assume a perimeter defense, failing to account for the increasing sophistication of attacks that bypass traditional safeguards using stolen credentials or exploiting zero-day vulnerabilities. A single successful exploit, like the actively exploited Fortinet flaw (CVE-2025-64155, CVSS 9.4), could allow attackers complete control of critical infrastructure, leading to data breaches and significant financial losses.

Key Insights

• CVE-2025-64155 (Fortinet FortiSIEM): An unauthenticated remote code execution vulnerability actively being exploited.
• VoidLink: A cloud-native Linux malware framework inspired by Cobalt Strike, prioritizing stealth and long-term access.
• RedVDS: A cybercriminal service offering infrastructure for phishing and fraud campaigns, disrupted by Microsoft & UK authorities, affecting over 190,000 organizations.

Working Example

(Silently omitted as no code was present in context)

Practical Applications

• Use Case: Microsoft disrupting RedVDS demonstrates proactive vendor intervention to shut down criminal-as-a-service infrastructure, protecting downstream users.
• Pitfall: Relying on outdated protocols like Net-NTLMv1 allows attackers to easily steal credentials due to available rainbow tables, even with MFA enabled.

References:

• https://thehackernews.com/2026/01/weekly-recap-fortinet-exploits-redline.html