Fortinet

What the Fortibleed campaign means for organizations running FortiGate firewalls

CloudSEK, Data leak, Don't miss, enterprise, Fortinet, Hot stuff, Hudson Rock, News, remediation, ZenoX /

What the Fortibleed campaign means for organizations running FortiGate firewalls 2026-06-23 at 17:46 By Zeljka Zorz A massive credential-harvesting campaign targeting FortiGate firewalls has exposed thousands of organizations to potential network compromise, and a trove of attacker tools, scripts, and credentials left inadvertently exposed on a server has given researchers an unusually detailed look at […]

What the Fortibleed campaign means for organizations running FortiGate firewalls Read More »

FortiBleed: 86,000 Fortinet Device Credentials Compromised

credentials, FortiBleed, Fortinet, Malware & Threats, Network Security, passwords /

FortiBleed: 86,000 Fortinet Device Credentials Compromised 2026-06-19 at 13:48 By Ionut Arghire The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs. The post FortiBleed: 86,000 Fortinet Device Credentials Compromised appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

FortiBleed: 86,000 Fortinet Device Credentials Compromised Read More »

74,000 Fortinet firewall credentials exposed in FortiBleed data leak

credentials, critical infrastructure, Data leak, data theft, Don't miss, enterprise, firewall, Fortinet, Government, Hot stuff, Hudson Rock, News, VPN /

74,000 Fortinet firewall credentials exposed in FortiBleed data leak 2026-06-18 at 15:10 By Zeljka Zorz A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The data was accidentally exposed by the group on a server, along with other artifacts and tools,

74,000 Fortinet firewall credentials exposed in FortiBleed data leak Read More »

Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform

Fortinet, Industry news /

Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform 2026-06-17 at 10:31 By Industry News Fortinet has announced the availability of FortiSOC, a unified, cloud-delivered security operations center (SOC) platform. FortiSOC brings together six security operations functions into a single Software-as-a-Service (SaaS) experience and embeds agentic AI to autonomously investigate and correlate

Fortinet FortiSOC unifies SIEM, SOAR, threat intelligence, and AI in one platform Read More »

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

exploited, Featured, FortiBleed, Fortinet, FortiSandbox, Vulnerabilities, vulnerability /

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs 2026-06-17 at 09:53 By Eduard Kovacs SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking.  The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs Read More »

Attackers are exploiting FortiSandbox vulnerabilities

Defused, Don't miss, exploit, Fortinet, Hot stuff, News, sandbox, vulnerability /

Attackers are exploiting FortiSandbox vulnerabilities 2026-06-16 at 18:27 By Zeljka Zorz Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning came on Monday from threat intelligence company Defused, which said

Attackers are exploiting FortiSandbox vulnerabilities Read More »

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Fortinet, Ivanti, Patch Tuesday, patches, Vulnerabilities, vulnerability /

Critical Vulnerabilities Patched in Fortinet, Ivanti Products 2026-06-10 at 12:16 By Ionut Arghire Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution. The post Critical Vulnerabilities Patched in Fortinet, Ivanti Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerabilities Patched in Fortinet, Ivanti Products Read More »

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

Arctic Wolf Networks, cookies, credentials, data theft, Don't miss, endpoint management, enterprise, Fortinet, Hot stuff, News, vulnerability /

New infostealer reaches enterprise devices through FortiClient EMS vulnerability 2026-05-29 at 18:31 By Zeljka Zorz Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wold

New infostealer reaches enterprise devices through FortiClient EMS vulnerability Read More »

PureLogs infostealer is stealing credentials worldwide

data theft, Don't miss, Fortinet, Hot stuff, Malware, News, phishing /

PureLogs infostealer is stealing credentials worldwide 2026-05-19 at 16:58 By Zeljka Zorz A phishing campaign is smuggling the powerful PureLogs information stealer onto targets’ Windows machines by hiding encrypted malicious payloads inside cat photos, Fortinet researchers discovered. The attack The attack starts with a phishing email containing a TXZ archive and using an invoice-themed lure

PureLogs infostealer is stealing credentials worldwide Read More »

Fortinet, Ivanti Patch Critical Vulnerabilities

Fortinet, Ivanti, patches, Vulnerabilities, vulnerability, Zoom /

Fortinet, Ivanti Patch Critical Vulnerabilities 2026-05-13 at 12:36 By Ionut Arghire Successful exploitation of these flaws could lead to arbitrary code execution and information disclosure. The post Fortinet, Ivanti Patch Critical Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet, Ivanti Patch Critical Vulnerabilities Read More »

New Mirai variants target routers and DVRs in parallel campaigns

Akamai, botnet, consumer, DDoS, Don't miss, DVR, end of support, enterprise, exploit, Fortinet, Hot stuff, Internet of Things, Malware, News, router, SMBs /

New Mirai variants target routers and DVRs in parallel campaigns 2026-04-22 at 16:42 By Zeljka Zorz Hidden inside newly discovered botnet malware is an unusual message from its creator: “AI.NEEDS.TO.DIE”. Dubbed “tuxnokill” by researchers at Akamai, the malware is one of two fresh Mirai botnet variants documented this month by major cybersecurity firms and, judging

New Mirai variants target routers and DVRs in parallel campaigns Read More »

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808)

Fortinet, Hot stuff, News, sandbox, security update, vulnerability /

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808) 2026-04-16 at 18:37 By Zeljka Zorz Two vulnerabilities (CVE-2026-39813, CVE-2026-39808) in FortiSandbox could be leveraged by unauthenticated attackers to bypass authentication and execute unauthorized code or commands on vulnerable systems. Both vulnerabilities can be triggered with a specially crafted HTTP request, putting unpatched FortiSandbox deployments at risk. About

Fortinet fixes critical FortiSandbox vulnerabilities (CVE-2026-39813, CVE-2026-39808) Read More »

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet, patches, Vulnerabilities, vulnerability /

Fortinet Patches Critical FortiSandbox Vulnerabilities 2026-04-15 at 14:29 By Ionut Arghire The flaws could allow attackers to bypass authentication or execute arbitrary code or commands via HTTP requests. The post Fortinet Patches Critical FortiSandbox Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical FortiSandbox Vulnerabilities Read More »

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

CVE-2026-35616, Featured, Fortinet, Network Security, Vulnerabilities, vulnerability /

Fortinet Rushes Emergency Fixes for Exploited Zero-Day 2026-04-06 at 12:42 By Ionut Arghire The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely. The post Fortinet Rushes Emergency Fixes for Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Rushes Emergency Fixes for Exploited Zero-Day Read More »

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

0-day, Defused Cyber, Don't miss, enterprise, Fortinet, Hot stuff, News /

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) 2026-04-04 at 17:39 By Zeljka Zorz Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616) Read More »

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

exploited, FortiClient, Fortinet, Vulnerabilities, vulnerability /

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins 2026-03-31 at 15:43 By Ionut Arghire The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests. The post Exploitation of Critical Fortinet FortiClient EMS Flaw Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins Read More »

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

Bishop Fox, Defused Cyber, Don't miss, enterprise, Fortinet, Hot stuff, News, vulnerability /

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) 2026-03-30 at 15:37 By Zeljka Zorz A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643) Read More »

Fortinet enhances SecOps with cloud SOC, AI automation, and managed services

Fortinet, Industry news /

Fortinet enhances SecOps with cloud SOC, AI automation, and managed services 2026-03-10 at 17:11 By Industry News Fortinet has announced major innovations across the Fortinet Security Operations (SecOps) Platform. The updates feature next-generation SecOps advancements, including expanded agentic AI capabilities, a preview of FortiSOC, managed services, and endpoint security enhancements delivered through FortiEndpoint. “As attackers

Fortinet enhances SecOps with cloud SOC, AI automation, and managed services Read More »

Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization

Fortinet, Industry news /

Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization 2026-01-28 at 12:06 By Industry News Fortinet announced new enhancements to FortiCNAPP that help organizations better understand and prioritize cloud risk beyond what many CNAPP solutions offer. By correlating cloud configuration, identity exposure, vulnerabilities, network enforcement, data sensitivity, and runtime behavior within a single workflow,

Fortinet expands FortiCNAPP with network, data, and runtime-aware risk prioritization Read More »

Scroll to Top