CISA Mandates Urgent Patch for Actively Exploited Critical Fortinet Vulnerabilities
US government agencies have until July 19 to patch two critical Fortinet vulnerabilities
Discover the latest Fortinet cybersecurity insights, updates, and solutions. Protect your information with cutting-edge Fortinet security news and trends.
Search across headline titles and summaries.
Background for this topic.
Fortinet is a cybersecurity vendor best known for FortiGate, a network firewall platform running FortiOS. FortiGate appliances, virtual machines, and cloud deployments provide traffic filtering, VPN access, intrusion prevention, and network segmentation; related products manage devices, collect security telemetry, or protect endpoints. FortiGuard Labs supplies threat intelligence and detection updates used across parts of this ecosystem.
Fortinet matters to security teams because its devices commonly sit at network boundaries and may expose administrative interfaces or SSL-VPN services to the internet. Vulnerabilities in FortiOS or supporting products can therefore create a path to authentication bypass, unauthorized access, or interception of remote connections when affected configurations are present. Practitioners should track Fortinet advisories, promptly apply firmware and signature updates, restrict management access, use multifactor authentication where supported, and monitor device logs and configuration changes. During an incident, preserve firewall and VPN telemetry and review connected systems rather than treating the appliance as an isolated asset.
Weekly headline count for the current query.
US government agencies have until July 19 to patch two critical Fortinet vulnerabilities
FortiGuard says the Brazilian banking trojan Ousaban is targeting Spain and Portugal via phishing
The NCSC has released guidance for Fortinet customers impacted by the FortiBleed threat campaign
CloudSEK maps Operation Escaneo, a campaign hitting Latin American infrastructure via perimeter bugs
FortiGuard Labs detailed a PureLogs campaign using JavaScript, PowerShell and process hollowing
FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices
Fortinet has updated its FortiClient EMS product after zero-day attacks surfaced
A low-skilled Russian-speaking attacker has used GenAI tools to help deploy a successful attack workflow targeting FortiGate instances
Fortinet reveals details of a new critical-rated vulnerability in FortiSIEM circulating in the wild
Fortinet has identified a new Windows RAT operating stealthily on compromised systems with advanced evasion techniques
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical
According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second
The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog
A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems
Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn
DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks
The leak likely comes from a zero-day exploit affecting Fortinet’s products
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure
The security provider published mitigation measures to prevent exploitation
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October