WordPress, OpenSSL, Fortinet zero-days: patches shipped and KEV escalations
WordPress 6.9/7.0 core RCE patched Friday with forced updates; OpenSSL HollowByte DoS flaw allows 11-byte memory exhaustion; two Fortinet FortiSandbox command-injection vulns in CISA KEV catalog. NadMesh botnet harvesting AWS keys from exposed AI services.