Fortinet

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

exploited, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass 2026-01-28 at 10:17 By Ionut Arghire Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass Read More »

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)

0-day, Don't miss, firewall, Fortinet, FortiOS, Hot stuff, News, SSO, vulnerability /

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) 2026-01-28 at 02:21 By Zeljka Zorz Fortinet has begun releasing FortiOS versions that fix CVE-2026-24858, a critical zero-day vulnerability that allowed attackers to log into targeted organizations’ FortiGate firewalls. “This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out

Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858) Read More »

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

exploited, FortiCloud, Fortinet, SSO, Vulnerabilities /

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices 2026-01-23 at 16:05 By Ionut Arghire Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication. The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices Read More »

New Wave of Attacks Targeting FortiGate Firewalls

exploited, firewall, FortiGate, Fortinet, patch bypass, Vulnerabilities /

New Wave of Attacks Targeting FortiGate Firewalls 2026-01-22 at 14:41 By Ionut Arghire Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations. The post New Wave of Attacks Targeting FortiGate Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New Wave of Attacks Targeting FortiGate Firewalls Read More »

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?

Arctic Wolf Networks, Don't miss, firewall, Fortinet, FortiOS, Hot stuff, Huntress, News, privileged accounts, SSO, vulnerability /

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)

Don't miss, Fortinet, Horizon3.ai, Hot stuff, News, PoC, SIEM, Tenable, vulnerability /

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) 2026-01-15 at 15:27 By Zeljka Zorz A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizations to patch immediately. About CVE-2025-64155 CVE-2025-64155 may allow unauthenticated, remote attackers to execute unauthorized code or

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) Read More »

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet, Vulnerabilities, vulnerability /

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM 2026-01-14 at 11:56 By Ionut Arghire Exploitable without authentication, the two security defects could lead to configuration leak and code execution. The post Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM Read More »

Fortinet Warns of New Attacks Exploiting Old Vulnerability

exploited, Fortinet, Vulnerabilities /

Fortinet Warns of New Attacks Exploiting Old Vulnerability 2025-12-29 at 15:05 By Ionut Arghire Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication. The post Fortinet Warns of New Attacks Exploiting Old Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Warns of New Attacks Exploiting Old Vulnerability Read More »

CISOs are managing risk in survival mode

Arctic Wolf Networks, Binalyze, CISO, CSC, cybersecurity, Cynomi, DataVisor, Dune Security, EY, Fastly, Fortinet, Hack The Box, Ivanti, JumpCloud, Nagomi Security, News, NTT, Proofpoint, report, Splunk, Trellix, Unisys, VikingCloud, Wipro, Wiz /

CISOs are managing risk in survival mode 2025-12-29 at 08:08 By Anamarija Pogorelec CISOs carry expanding responsibility as cybersecurity budgets rise, AI adoption spreads, and board expectations grow. Risk management now depends on faster decisions, stronger coordination, and better communication across leadership teams. This article shows how CISOs are responding to growing pressure, ongoing threats,

CISOs are managing risk in survival mode Read More »

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)

Arctic Wolf Networks, CISA, Don't miss, firewall, Fortinet, Hot stuff, News, vulnerability /

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718) 2025-12-17 at 16:31 By Zeljka Zorz Attackers are exploiting a recently revealed vulnerability (CVE-2025-59718) to bypass authentication on Fortinet’s FortiGate firewalls, and are leveraging the achieved access to export their system configuration files, Arctic Wolf researchers warned on Tuesday. Configuration files can expose information about

Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718) Read More »

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins

exploited, Featured, Fortinet, Vulnerabilities, vulnerability /

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins 2025-12-16 at 11:38 By Ionut Arghire Threat actors are exploiting the two critical authentication bypass vulnerabilities against FortiGate appliances. The post In-the-Wild Exploitation of Fresh Fortinet Flaws Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

In-the-Wild Exploitation of Fresh Fortinet Flaws Begins Read More »

Fortinet Patches Critical Authentication Bypass Vulnerabilities

Fortinet, patch, Vulnerabilities, vulnerability /

Fortinet Patches Critical Authentication Bypass Vulnerabilities 2025-12-10 at 15:18 By Ionut Arghire The two security defects impact FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager with FortiCloud SSO login authentication enabled. The post Fortinet Patches Critical Authentication Bypass Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical Authentication Bypass Vulnerabilities Read More »

Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)

CISA, Don't miss, Fortinet, Hot stuff, NCSC-NL, News, Trend Micro, vulnerability /

Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) 2025-11-19 at 13:47 By Zeljka Zorz Attackers are actively exploiting another FortiWeb vulnerability (CVE-2025-58034) that Fortinet fixed without making its existence public at the time. About CVE-2025-58034 CVE-2025-58034 is an OS Command Injection flaw caused by improper neutralization of special elements. It allows authenticated attackers to execute unauthorized

Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) Read More »

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week

exploited, Featured, Fortinet, FortiWeb, Vulnerabilities, vulnerability, Zero-Day /

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week 2025-11-19 at 11:49 By Ionut Arghire An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system. The post Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week Read More »

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability

CVE-2025-64446, Featured, Fortinet, Network Security, Vulnerabilities /

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability 2025-11-14 at 23:49 By Ionut Arghire Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. The post Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability appeared first on SecurityWeek. This

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability Read More »

A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn

Defused, Don't miss, Fortinet, Hot stuff, News, PoC, Rapid7, vulnerability, WatchTowr, web application security /

A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn 2025-11-14 at 14:10 By Zeljka Zorz A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on vulnerable, internet-facing devices. Whether intentionally or accidentally, the vulnerability (or this specific path for triggering it) has

A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn Read More »

Fortinet launches Secure AI Data Center to protect AI infrastructures end-to-end

Fortinet, Industry news /

Fortinet launches Secure AI Data Center to protect AI infrastructures end-to-end 2025-11-05 at 16:46 By Industry News Fortinet announced the Secure AI Data Center solution, an end-to-end framework purpose-built to protect AI infrastructures. Designed to secure the entire AI stack, from data center infrastructure to applications and LLMs, the solution delivers advanced AI threat defense

Fortinet launches Secure AI Data Center to protect AI infrastructures end-to-end Read More »

High-Severity Vulnerabilities Patched by Fortinet and Ivanti

Fortinet, Ivanti, Vulnerabilities /

High-Severity Vulnerabilities Patched by Fortinet and Ivanti 2025-10-15 at 11:20 By Eduard Kovacs Fortinet and Ivanti have announced their October 2025 Patch Tuesday updates, which patch many vulnerabilities across their products.  The post High-Severity Vulnerabilities Patched by Fortinet and Ivanti appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

High-Severity Vulnerabilities Patched by Fortinet and Ivanti Read More »

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign

Cisco, Fortinet, Malware & Threats, Palo Alto Networks /

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign 2025-10-10 at 15:49 By Ionut Arghire GreyNoise has discovered that attacks exploiting Cisco, Fortinet, and Palo Alto Networks vulnerabilities are launched from the same infrastructure. The post Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign appeared first on SecurityWeek. This article is an

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign Read More »

Fortinet, Ivanti, Nvidia Release Security Updates

Fortinet, Ivanti, NVIDIA, patches, Vulnerabilities /

Fortinet, Ivanti, Nvidia Release Security Updates 2025-09-10 at 13:52 By Ionut Arghire High-severity vulnerabilities could lead to remote code execution, privilege escalation, information disclosure, and configuration tampering. The post Fortinet, Ivanti, Nvidia Release Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet, Ivanti, Nvidia Release Security Updates Read More »

Scroll to Top