SURIQEdge & VPN security
Vulnerabilities in the internet-facing gear attackers hit first: firewalls, VPNs, and load balancers from Fortinet, Citrix, Ivanti, Palo Alto, and more.
Your Fortinet password reset won't lock the FortiBleed attacker out
CISA declared FortiBleed an emergency on June 18 after 86,644 Fortinet devices were hit. Resetting passwords is not enough: kill live sessions and fix the
INC ransomware never used a zero-day. It used your patch backlog.
INC reached top-tier RaaS in 2026 with no zero-days. Every edge-device flaw it exploits was patched months earlier. Here is what to actually fix.
Cisco called this SD-WAN flaw medium. Attackers used it to take root on your WAN.
CVE-2026-20262 is an actively exploited Cisco SD-WAN Manager flaw that escalates a low-privilege login to root. Federal patch deadline is June 29, and why 6.5
FortiBleed isn't a Fortinet bug. It's every password you never rotated.
FortiBleed exposed working VPN logins for tens of thousands of Fortinet firewalls. There is no CVE to patch; the fix is rotating credentials and enforcing MFA.
FortiSandbox Under Attack: The Box That Catches Malware Is Now the Way In
Three critical FortiSandbox flaws are under active exploitation, two unauthenticated and one patched a week ago. Why a compromised malware sandbox blinds your
Ivanti Sentry's CVE-2026-10520: patch the gateway, then hunt for the breach
Ivanti Sentry CVE-2026-10520 is an unauthenticated root RCE under active attack. CISA's new 3-day patch rule applies; patched gateways were already breached.
Ready to meet the Guardians?
Deploys fast - agentless for monitoring and cloud, a lightweight agent for deep endpoint security. Just Suriq, standing watch.