Cyber Security Headlines Fortinet VPN exploit, Google gmail change, Aflac breach update
16 snips
Dec 26, 2025 This week, a serious flaw in Fortinet VPNs is being actively exploited, allowing for MFA bypass through simple username tweaks. In a surprising twist, Google hints at a potential feature that could allow users to change their default Gmail address. Meanwhile, Aflac faces fallout from a breach that compromised data for 22 million individuals, attributed to the group Scattered Spider. Other highlights include a critical MongoDB vulnerability and Microsoft's ambitious plan to replace C/C++ with Rust by 2030.
AI Snips
Chapters
Transcript
Episode notes
Mitigate Fortinet VPN MFA Bypass
- Run Fortinet's recommended command to disable username case sensitivity if you use 40OS SSL VPN versions listed.
- Apply the mitigation immediately when prerequisites match to prevent MFA bypass exploitation.
Gmail Primary Address May Become Editable
- Google may be testing the ability to change a primary Gmail address, hinted by a support doc found in a Hindi Telegram group.
- If rolled out, this would shift how users manage aliases and primary addresses on Gmail.
Aflac Breach Scope And Attribution
- Aflac's June breach exposed data for over 22 million U.S. customers, including SSNs and health data.
- The attack was attributed to Scattered Spider and did not involve ransomware, per Aflac's statement.