News

Updates, experience reports and technical articles from the Heavy Mind team.

FortiBleed - 75,000 Fortinet firewalls compromised, credentials stolen across 194 countries

A massive attack campaign has compromised roughly half of all internet-facing Fortinet FortiGate firewalls. VPN and admin credentials stolen, Active Directory pivot confirmed. Immediate action required.

Read more →

CVE-2026-46333 - 'ssh-keysign-pwn': SSH key theft and root credentials via ptrace race condition

A 9-year-old flaw in the Linux kernel's __ptrace_may_access() function allows an unprivileged local user to read SSH host private keys and the /etc/shadow password database. CVSS 5.5, public exploits available. Patches available.

Read more →

CVE-2026-46300 - 'Fragnesia': critical privilege escalation in ESP-in-TCP

A new Linux kernel vulnerability in the XFRM ESP-in-TCP subsystem bypasses the Dirty Frag patch and allows privilege escalation to root. CVSS 7.8. Patches available.

Read more →

What an hour of downtime really costs an SMB

Server down, network cut, business application unavailable - the cost of one hour of downtime almost always exceeds what managers estimate. And most outages last far longer than an hour.

Read more →

Ransomware: what makes the difference in the 72 hours after an attack?

When ransomware hits, recovery doesn't depend on the antivirus you had installed - it depends on the backup you tested. Here's what actually happens in the first 72 hours.

Read more →

CVE-2026-43284 & CVE-2026-43500 - 'Dirty Frag': dual privilege escalation in the Linux kernel

Two chained vulnerabilities in the ESP/IPsec and RxRPC subsystems of the Linux kernel allow an unprivileged local user to obtain root. CVSS 7.8, active exploitation confirmed. Patches being deployed.

Read more →

CVE-2026-31431 - Critical privilege escalation in the Linux kernel

A vulnerability in the Linux kernel's algif_aead module allows an unprivileged user to obtain root. CVSS 7.8, active exploitation confirmed. Patch available.

Read more →