heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
Forbes

New Fortinet Zero-Day Warning—Update Now, Attacks Underway

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Fortinet issues emergency update as zero-day attack confirmed. Updated April 7: Following ...
Ars Technica

Yet another Fortinet question - 7.6.0 OK to install? (Updated from 7.4.3)

I'm asking in light of the recent vulnerabilities that we're seeing, but also just in general. I just updated my 80F to 7.2.7 (the 'mature' firmware, whatever that means). I see the option to upgrade ...
ITWire

FortiGate Edge Intrusions: Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...