Weekly Security Threats: FortiGate RaaS, Citrix Exploits & More

Emily Davis · 2026-03-19

ThreatsDay Bulletin is back, and honestly, this week feels a bit off in a way that's strangely familiar. There's nothing earth-shattering, no single attack that's breaking everything at once. Instead, it's a steady stream of smaller vulnerabilities—things that really shouldn't work anymore, but somehow still do. It's like finding an old lock on your back door that you forgot to replace. You know it's not secure, but it hasn't been tested until now. Some of these exploits look almost sloppy at first glance, until you see how effectively they land. Others feel a little too practical, like they've already moved from theory to real-world use faster than anyone expected. ### The Quiet Threats That Keep Working What's fascinating about this week's threats is their persistence. We're not talking about sophisticated zero-days that require nation-state resources. These are older vulnerabilities that organizations should have patched months or even years ago. Yet here they are, still causing problems. It reminds me of that one appliance in your kitchen that makes a weird noise but still works. You keep meaning to replace it, but it keeps chugging along—until one day it doesn't. That's where we are with some of these security issues. They're the digital equivalent of that appliance, and attackers know exactly how to exploit that complacency. ### Why Old Vulnerabilities Still Matter You might wonder why we're still talking about exploits that security teams have known about for ages. The truth is simpler than you'd think: - Patching takes time and resources that many organizations don't have - Some systems can't be updated without breaking critical functions - Security teams are often overwhelmed with newer, flashier threats - Attackers know which vulnerabilities organizations are most likely to neglect It's not about being lazy or careless. It's about the reality of managing complex systems with limited resources. Attackers understand this better than anyone, which is why they keep coming back to these well-worn paths. ### The Practical Nature of Modern Attacks What strikes me about this week's bulletin is how practical everything feels. There's a certain efficiency to these threats that's almost admirable if it weren't so dangerous. Attackers aren't showing off with complex, multi-stage operations. They're using what works, even if it's not the newest tool in the box. As one security researcher put it recently: "The most dangerous attacks aren't the most sophisticated ones. They're the ones that work consistently with minimal effort." That's exactly what we're seeing here. These aren't theoretical exercises or proof-of-concepts. They're practical tools being used right now to achieve real objectives. The barrier to entry keeps getting lower, and the results keep getting more consistent. ### What This Means for Security Professionals If you're feeling a sense of déjà vu reading about these threats, you're not alone. Many of us have been here before, watching the same vulnerabilities get exploited year after year. But there's an important lesson in this repetition. Security isn't just about chasing the latest threats. It's about maintaining the basics—the fundamentals that protect against attacks both old and new. Sometimes the most effective security measure isn't the newest AI-powered solution, but simply applying that patch you've been putting off. ### Moving Forward with Clearer Vision Looking at this week's threats, I'm reminded that security is a marathon, not a sprint. The attacks that worry me most aren't the flashy, headline-grabbing ones. They're the quiet, persistent threats that keep working long after they should have been retired. Our challenge isn't just to defend against what's new, but to finally put to rest what's old. That means creating systems and processes that make basic security maintenance easier, not harder. It means recognizing that sometimes the most boring tasks—like patch management and vulnerability scanning—are also the most critical. Next week will bring new threats, and we'll need to address those too. But let's not forget the lessons from this week. The threats that feel familiar are often the most dangerous, precisely because we've grown accustomed to their presence. Sometimes security isn't about building higher walls, but about finally fixing that gate you've been meaning to repair for years.