Fortinet

Brute-force attacks hammer Fortinet devices worldwide

Brute-force attacks hammer Fortinet devices worldwide 2025-08-14 at 17:05 By Zeljka Zorz A surge in brute-force attempts targeting Fortinet SSL VPNs that was spotted earlier this month could be a portent of imminent attacks leveraging currently undisclosed (potentially zero-day) vulnerabilities in Fortinet devices. Shifting attacks Greynoise, a cybersecurity intelligence service that through its global network […]

React to this headline:

Loading spinner

Brute-force attacks hammer Fortinet devices worldwide Read More »

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) 2025-08-13 at 12:43 By Zeljka Zorz Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About CVE-2025-25256 FortiSIEM is a security information and event management platform used by organizations to collect, correlate

React to this headline:

Loading spinner

Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256) Read More »

Fortinet, Ivanti Release August 2025 Security Patches

Fortinet, Ivanti Release August 2025 Security Patches 2025-08-13 at 12:43 By Eduard Kovacs Fortinet and Ivanti have published new security advisories for their August 2025 Patch Tuesday updates.  The post Fortinet, Ivanti Release August 2025 Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Fortinet, Ivanti Release August 2025 Security Patches Read More »

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543) 2025-08-12 at 17:51 By Zeljka Zorz FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix Bleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices. Since July 28, 2025, they have detected over 6,000 exploitation

React to this headline:

Loading spinner

Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543) Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) 2025-07-14 at 16:34 By Zeljka Zorz With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers soon. About CVE-2025-25257 CVE-2025-25257 is found

React to this headline:

Loading spinner

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) Read More »

C-suites step up on OT cybersecurity, and it’s paying off

C-suites step up on OT cybersecurity, and it’s paying off 2025-07-10 at 07:44 By Help Net Security There has been a significant increase in the global trend of corporations planning to integrate cybersecurity under the CISO or other executives, according to Fortinet. Growing maturity in OT cybersecurity processes and solutions (Source: Fortinet) OT security moves

React to this headline:

Loading spinner

C-suites step up on OT cybersecurity, and it’s paying off Read More »

Ivanti, Fortinet, Splunk Release Security Updates

Ivanti, Fortinet, Splunk Release Security Updates 2025-07-09 at 11:38 By Ionut Arghire Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet, Splunk Release Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Ivanti, Fortinet, Splunk Release Security Updates Read More »

Infosec products of the month: June 2025

Infosec products of the month: June 2025 2025-06-27 at 07:01 By Sinisa Markovic Here’s a look at the most interesting products from the past month, featuring releases from: Akamai, AttackIQ, Barracuda Networks, BigID, Bitdefender, Contrast Security, Cymulate, Dashlane, Embed Security, Fortanix, Fortinet, Jumio, Lemony, Malwarebytes, SpecterOps, StackHawk, Stellar Cyber, Sumsub, Thales, Tines, Vanta, and Varonis.

React to this headline:

Loading spinner

Infosec products of the month: June 2025 Read More »

Fortinet, Ivanti Patch High-Severity Vulnerabilities

Fortinet, Ivanti Patch High-Severity Vulnerabilities 2025-06-11 at 15:48 By Ionut Arghire Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks. The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Fortinet, Ivanti Patch High-Severity Vulnerabilities Read More »

New infosec products of the week: June 6, 2025

New infosec products of the week: June 6, 2025 2025-06-06 at 07:01 By Sinisa Markovic Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and Varonis. Bitdefender unifies security, risk management, and compliance in a single platform Bitdefender announced GravityZone Compliance Manager,

React to this headline:

Loading spinner

New infosec products of the week: June 6, 2025 Read More »

FortiMail Workspace Security expands protection beyond email to web and collaboration tools

FortiMail Workspace Security expands protection beyond email to web and collaboration tools 2025-06-05 at 09:34 By Industry News Fortinet has enhanced its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities extend protection not only to email but also to browser and collaboration security. These advancements,

React to this headline:

Loading spinner

FortiMail Workspace Security expands protection beyond email to web and collaboration tools Read More »

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances 2025-05-14 at 13:02 By Ionut Arghire Fortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances. The post Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances Read More »

Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)

Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756) 2025-05-13 at 21:48 By Zeljka Zorz Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security incident response team has revealed on Tuesday. About CVE-2025-32756 CVE-2025-32756 is a stack-based overflow vulnerability that

React to this headline:

Loading spinner

Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756) Read More »

AI and automation shift the cybersecurity balance toward attackers

AI and automation shift the cybersecurity balance toward attackers 2025-05-02 at 09:02 By Help Net Security Threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders, according to Fortinet. The post AI and automation shift the cybersecurity balance toward attackers appeared first on Help Net Security.

React to this headline:

Loading spinner

AI and automation shift the cybersecurity balance toward attackers Read More »

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances 

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  2025-04-24 at 18:12 By Ryan Naraine The latest Verizon DBIR landed this week with a startling statistic about the security posture of VPNs and network edge devices. The post Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Verizon DBIR Flags Major Patch Delays on VPNs, Edge Appliances  Read More »

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit 2025-04-14 at 16:49 By Ionut Arghire A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. The post Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit Read More »

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices 2025-04-11 at 21:05 By Zeljka Zorz A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original

React to this headline:

Loading spinner

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices Read More »

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) 2025-04-10 at 13:18 By Zeljka Zorz Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet

React to this headline:

Loading spinner

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) Read More »

Fortinet Patches Critical FortiSwitch Vulnerability

Fortinet Patches Critical FortiSwitch Vulnerability 2025-04-09 at 13:43 By Ionut Arghire Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords. The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Fortinet Patches Critical FortiSwitch Vulnerability Read More »

Scroll to Top