Fortinet Confirms New Zero-Day Behind Malicious SSO Logins
To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single sign-on (SSO) authentication for all devices.
Mitigation: SSO Access Restricted After Attackers Compromised Fully Patched DevicesNetwork security giant Fortinet locked out cloud customers from its single sign-on service until they update device firmware with a patch against active attacks exploiting an improper access control zero day. Only Fortinet devices running the latest, patched firmware versions can use Fortinet SSO.
More work for admins on the cards as they await a full dump of fixes Things aren't over yet for Fortinet customers – the security shop has disclosed yet another critical FortiCloud SSO vulnerability.…
Fortinet has begun releasing security updates to address a critical flaw impacting FortiOS that has come under active exploitation in the wild
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks by blocking FortiCloud SSO connections from devices running vulnerable firmware versions. [...]
Fix didn't quite do the job – attackers spotted logging in Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices supposedly fully up to date.…
Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls
Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to fully address a critical FortiCloud SSO authentication bypass vulnerability that should have already been patched since early December. [...]
Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. [...]
Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO FlawsThis week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, A revived pro-Russia ransomware operation stumbled.
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure
Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authentication. [...]