heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...

FortiGate Edge Intrusions: Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...
Hosted on MSN

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

Cybercriminals seem to be taking advantage of a hole in a recent patch for Fortinet FortiGate instances, and are exploiting the vulnerability to create administrator accounts and steal firewall ...
Bleeping Computer

Fortinet warns of critical FortiCloud SSO login auth bypass flaws

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...
CSOonline

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration changes from attacks on an unpatched flaw. Fortinet has confirmed that a new ...
Voice&Data

Fortinet launches FortiOS 8.0 with AI and SASE security

Fortinet releases FortiOS 8.0 with new AI security controls, SASE enhancements and post-quantum cryptography features for modern networks and cloud systems.
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...