The Hacker News
thehackernews.com › home › cybersecurity news
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
3 days ago - Fortinet reports active attacks exploiting CVE-2020-12812, a FortiOS SSL VPN flaw that can bypass two-factor authentication in specific LDAP setups.
Cyber Security News
cybersecuritynews.com › home › cyber security news › hackers exploiting three-year-old fortigate vulnerability to bypass 2fa on firewalls
Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls
3 days ago - Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VPNs and admin consoles.
Security Affairs
securityaffairs.com › 186117 › security › five-year-old-fortinet-fortios-ssl-vpn-flaw-actively-exploited.html
Five-year-old Fortinet FortiOS SSL VPN flaw actively exploited
3 days ago - Fortinet researchers observed “recent abuse” of a five-year-old security vulnerability, tracked as CVE-2020-12812 (CVSS score: 5.2), in FortiOS SSL VPN....
The Hacker News
thehackernews.com › search › label › Fortinet
Fortinet — Latest News, Reports & Analysis | The Hacker News
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on ...
Fortinet
fortinet.com › corporate › about-us › newsroom
Newsroom | Fortinet News Releases
News Release · November 12, 2025 ... Launch Global Cybercrime Bounty Program · Nov 12, 2025 Fortinet Secure LAN Edge Delivered 308% ROI and 50% Higher NetOps Efficiency ·...
CISA
cisa.gov › news-events › alerts › 2025 › 11 › 14 › fortinet-releases-security-advisory-relative-path-traversal-vulnerability-affecting-fortiweb
Fortinet Releases Security Advisory for Relative Path Traversal Vulnerability Affecting FortiWeb Products | CISA
CISA has updated this Alert to include an additional vulnerability, CVE-2025-58034, and its relation to CVE-2025-64446, and associated resources. CISA is aware of the exploitation of two vulnerabilities, CVE-2025-64446 and CVE-2025-58034, in Fortinet FortiWeb, a web application firewall.
CISA
cisa.gov › news-events › alerts › 2025 › 04 › 11 › fortinet-releases-advisory-new-post-exploitation-technique-known-vulnerabilities
Fortinet Releases Advisory on New Post-Exploitation Technique for Known Vulnerabilities | CISA
Fortinet is aware of a threat actor creating a malicious file from previously exploited Fortinet vulnerabilities (CVE-2024-21762, CVE-2023-27997, and CVE-2022-42475) within FortiGate products....
SC Media
scworld.com › sc media › threat management › intrusions involving old fortinet fortios ssl vpn bug underway
Intrusions involving old Fortinet FortiOS SSL VPN bug underway | SC Media
2 days ago - Threat actors have launched attacks exploiting the half-decade-old medium-severity improper authentication vulnerability in Fortinet's FortiOS SSL VPN, tracked as CVE-2020-12812, according to Security Affairs.
The Hacker News
thehackernews.com › home › cybersecurity news
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
2 weeks ago - Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on ...
Cybersecurity Dive
cybersecuritydive.com › news › cyberattacks-fortinet-software › 753334
Researchers warn of cyberattacks targeting key Fortinet software | Cybersecurity Dive
July 18, 2025 - The Cybersecurity and Infrastructure Security Agency on Friday said it added the flaw to its catalog of known exploited vulnerabilities. Fortinet also confirmed exploitation in an update to its security guidance.
Fortinet
fortinet.com › blog
Fortinet Blog - Broad, Integrated, Automated Cybersecurity
A concise guide for security leaders on deploying quantum-safe encryption today, covering performance, crypto-agility, NIST standards, and flexible PQC and QKD options ... Learn what Fortinet and global partners uncovered about AI-enabled cybercrime through recent tabletop exercises and how these insights help strengthen defensive strategies.
Cyber Press
cyberpress.org › home › hackers abuse 3-year-old fortigate flaw to bypass firewall 2fa protections
Hackers Abuse 3-Year-Old FortiGate Flaw to Bypass Firewall 2FA Protections
3 days ago - The vulnerability, identified as CVE-2020-12812 and tracked internally as FG-IR-19-283, exploits fundamental differences in how FortiGate processes usernames compared to LDAP directory services.
BleepingComputer
bleepingcomputer.com › home › latest fortinet news
Latest Fortinet news
Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication.
FortiGuard
fortiguard.com › psirt
PSIRT Advisories | FortiGuard Labs
FG-IR-25-647 Multiple Fortinet Products' FortiCloud SSO Login Authentication Bypass CVE-2025-59718 CVE-2025-59718
BleepingComputer
bleepingcomputer.com › home › news › security › over 25,000 forticloud sso devices exposed to remote attacks
Over 25,000 FortiCloud SSO devices exposed to remote attacks
1 week ago - Fortinet noted on December 9th, when it patched the security flaw tracked as CVE-2025-59718 (FortiOS, FortiProxy, FortiSwitchManager) and CVE-2025-59719 (FortiWeb), that the vulnerable FortiCloud SSO login feature is not enabled until admins ...
Cybersecurity Dive
cybersecuritydive.com › news › fortigate-devices-targeted-with-malicious-sso-logins › 808132
FortiGate devices targeted with malicious SSO logins | Cybersecurity Dive
2 weeks ago - Fortinet said the flaws were originally discovered by two members of its product security team. The flaws, tracked as CVE-2025-59718 and CVE-2025-59719, allow an attacker to bypass the FortiCloud SSO authentication using a crafted SAML message ...
Fortinet
fortinet.com › blog › psirt-blogs › product-security-advisory-and-analysis-observed-abuse-of-fg-ir-19-283
Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283 | Fortinet Blog
4 days ago - Fortinet has observed recent abuse of the July 2020 vulnerability FG-IR-19-283 / CVE-2020-12812 in the wild based on specific configurations.