Hosted on MSN

Fortinet admits FortiGate SSO bug still exploitable despite December patch

Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices ...
Hosted on MSN

Fortinet products hit by further security flaws - giving hackers access to systems and more

Two critical SAML‑signature flaws (CVE‑2025‑59718/59719) let attackers bypass SSO across multiple Fortinet products Exploitation began December 12, with intruders pulling config files that expose ...
Bleeping Computer

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. The campaign ...
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes. According to researchers at Arctic Wolf, the exploit hinges on ...
CSOonline

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration changes from attacks on an unpatched flaw. Fortinet has confirmed that a new ...
heise online

Fortinet continues to combat ongoing SSO admin attacks

Attackers are still targeting FortiOS, FortiManager, and FortiAnalyzer with FortiCloud SSO login enabled, creating admin accounts. This allows them to gain full control over devices. A functional ...