**Week in Review: Top Security Stories**
The past week has been filled with exciting developments in the world of cybersecurity. From critical vulnerabilities to innovative solutions, here's a rundown of the most interesting stories.
FortiSIEM Flaw Exposes Organizations to Remote Attacks
A critical vulnerability (CVE-2025-64155) in Fortinet's FortiSIEM security platform has been exploited by attackers. The flaw allows unauthenticated, remote attackers to execute unauthorized code or commands on vulnerable FortiSIEM deployments via specially crafted TCP requests.
Rakuten Viber CISO/CTO Discusses Messaging Risks
Liad Shnell, CISO and CTO at Rakuten Viber, spoke with Help Net Security about the challenges of balancing encryption, abuse prevention, and platform resilience in messaging platforms. He highlighted how messaging has become critical infrastructure during crises and conflicts.
Cybersecurity Spending Rises, But Business Impact Remains Elusive
A new study by Expel found that cybersecurity budgets continue to climb, but many security leaders struggle to explain what their spending delivers to the business. The research examines the disconnect between security and finance executives at large enterprises.
Third-Party Risk Management Gaps Concern CISOs
A recent Panorays survey of U.S. CISOs revealed rising third-party incidents and growing regulatory attention, while visibility beyond direct vendors and resources to manage that risk continue to fall short.
Cybersecurity Jobs Available Now
We've scoured the market to bring you a selection of roles that span various skill levels within the cybersecurity field. Check out this weekly selection of cybersecurity jobs available right now.
**Other Notable Stories**
* The NSA has released a set of implementation documents for zero trust adoption, providing guidance on the first steps for organizations to take. * A new study by NTT shows companies expanding AI deployment while gaps in infrastructure readiness, data integrity controls, and governance frameworks continue to limit safe operation at scale. * Cloudflare research suggests that success depends less on experimentation and more on disciplined application modernization tied closely to security strategy.
**InfoSec Products of the Week**
* Acronis has released a new version of its Backup 12.5 product, which includes improved data protection for cloud workloads. * JumpCloud has launched a new identity management platform that integrates with Microsoft Active Directory. * Noction has announced a new network analytics tool that provides real-time visibility into network traffic. * SpyCloud has released a new password security solution that helps organizations protect against phishing attacks.