FortiGate firewalls hit by silent SSO intrusions and config theft

Admins say attackers are still getting in despite recent patches FortiGate firewalls are getting quietly reconfigured and ...
Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.
CSO Online

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal configurations.
SDxCentral

Fortinet firewalls face new threat, this time from authentication flaw

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes.

Fortinet admits FortiGate SSO bug still exploitable despite December patch

Fix didn't quite do the job – attackers spotted logging in Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication ...