Bleeping Computer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
Bleeping Computer

Fortinet admins report patched FortiGate firewalls getting hacked

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. One of the affected ...
CSOonline

Fortinet confirms zero-day flaw used in attacks against its firewalls

The advisory from the cybersecurity company follows a report from security researchers who observed exploits in the wild in early December as part of a widespread campaign. Fortinet has confirmed the ...
CSOonline

Fortinet patches critical flaw with public exploit in FortiSIEM

Fortinet fixed a critical command injection vulnerability in FortiSIEM, which is subject to a working exploit in the wild, as well as a high-severity authentication bypass in FortiOS, FortiProxy, and ...
Dark Reading

Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges

Fortinet has patched an actively exploited zero-day authentication bypass flaw affecting its FortiOS and FortiProxy products, which attackers have been exploiting to gain super-administrative access ...
Dark Reading

Fortinet Products Are in the Crosshairs Again

Fortinet, whose technologies are a popular target for attackers, has disclosed a critical, unauthenticated remote code execution vulnerability in its FortiSIEM platform. A proof-of-concept exploit for ...
Infosecurity-magazine.com

New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls

A new threat actor has leaked configuration files and virtual private network (VPN) information for 15,000 firewall devices provided by security vendor Fortinet. On January 15, Kevin Beaumont, an ...