The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

This new 'sleeperware' doesn't set off alarms or crash your system - it sneaks in and waits

Moving up the ranks is a malware that plays dead until it's ripe to strike.