Fortinet Archives • Daily CyberSecurity

FortiBleed: 30,791 Fortinet Firewalls Compromised in Global Credential Heist FortiBleed campaign map of 30,791 compromised Fortinet firewalls and VPN credential leak

FortiBleed campaign map of 30,791 compromised Fortinet firewalls and VPN credential leak

FortiBleed: 30,791 Fortinet Firewalls Compromised in Global Credential Heist

Do Son June 18, 2026

Your firewall is supposed to keep attackers out. Yet a sweeping new campaign turns that assumption on...

JDY Botnet Resurges: China-Nexus IoT Army Hunts New Vulnerabilities Within Hours JDY botnet Volt Typhoon, SOHO botnet, CVE-2026-35616

JDY Botnet Resurges: China-Nexus IoT Army Hunts New Vulnerabilities Within Hours

Do Son June 17, 2026

A covert reconnaissance network tied to Chinese state-backed hackers is back and bigger than before. Researchers at...

Critical FortiSandbox Flaw Requires Immediate Patching CVE-2026-25089 CVE-2023-45590

Critical FortiSandbox Flaw Requires Immediate Patching

Do Son June 10, 2026

A critical security vulnerability tracks as CVE-2026-25089 inside the Fortinet ecosystem. This dangerous flaw scores a high...

Fortinet Critical Alert: 9.1 Severity Flaws in FortiSandbox and FortiAuthenticator Risk Remote Takeover CVE-2023-36553 Fortinet Critical Vulnerabilities FortiSandbox CVE-2026-26083

CVE-2023-36553 Fortinet Critical Vulnerabilities FortiSandbox CVE-2026-26083

Fortinet Critical Alert: 9.1 Severity Flaws in FortiSandbox and FortiAuthenticator Risk Remote Takeover

Do Son May 13, 2026

Fortinet has issued a high-priority warning regarding two separate critical vulnerabilities affecting core security components: FortiSandbox and...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026) MCP Security Vulnerability Management

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 13 – April 19, 2026)

Do Son April 20, 2026

Welcome to this week’s vulnerability digest. Between April 13 and April 19, 2026, the global security community logged...

Critical 9.1 Flaws Hit Fortinet FortiSandbox FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Critical 9.1 Flaws Hit Fortinet FortiSandbox

Do Son April 15, 2026

Fortinet has issued an urgent advisory regarding two critical vulnerabilities in its FortiSandbox platform—vulnerabilities that could allow...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026) Vulnerability Digest Active Exploitation

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026)

Do Son April 13, 2026

Welcome to this week’s vulnerability digest. As we close out the first full week of April, security...

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Knowledge Deliver RCE vulnerability FortiClient EMS Vulnerability CVE-2026-35616 Cisco SD-WAN Vulnerability CVE-2026-20122 PCPcat, Next.js RCE Salesloft breach, Salesforce CRM WIREFIRE web shell

Under Active Attack: Critical 9.1 CVSS FortiClient EMS Flaw Exploited in the Wild

Do Son April 4, 2026

Security teams are on high alert as Fortinet confirms that a critical vulnerability in its FortiClient EMS...

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE

Do Son February 9, 2026

Fortinet has issued a high-priority security advisory for its FortiClient Enterprise Management Server (EMS), warning of a...

Under Attack: Critical Fortinet Auth Bypass (CVE-2026-24858) Exploited in the Wild GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

GUARDIANWALL MailSuite Exploit CVE-2026-32661 FileZen Vulnerability CVE-2026-25108 Ivanti EPMM Vulnerability Dormant Backdoor Fortinet Authentication Bypass CVE-2026-24858 VMware vCenter Server Flaw CVE-2025-21590

Under Attack: Critical Fortinet Auth Bypass (CVE-2026-24858) Exploited in the Wild

Do Son January 28, 2026

Fortinet has issued an urgent warning regarding a critical vulnerability affecting its core network security platforms, including...

“New” Path of Attack: Fully Upgraded Fortinet Devices Hit by SSO Exploits Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

Fortinet patch bypass 2026, FortiGate SSO authentication exploit SharePoint Zero-Day, China APTs Exploited Vulnerabilities 2023

“New” Path of Attack: Fully Upgraded Fortinet Devices Hit by SSO Exploits

Do Son January 23, 2026

Fortinet is investigating a concerning new wave of attacks targeting its network security devices, where threat actors...

Exploit Code Published: Critical FortiSIEM Flaw Grants Unauthenticated Root Access FortiSIEM PoC Exploit CVE-2025-64155

Exploit Code Published: Critical FortiSIEM Flaw Grants Unauthenticated Root Access

Do Son January 14, 2026

Security researchers have blown the lid off a critical vulnerability in Fortinet’s FortiSIEM appliance, publicly releasing proof-of-concept...

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Hackers Revive 2020 FortiGate Flaw to Bypass 2FA

Do Son December 25, 2025

Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to...

“ClickFix” Trap: Fake Human Verification Leads to Qilin Ransomware Infection Iranian Cyber Espionage Void Manticore

“ClickFix” Trap: Fake Human Verification Leads to Qilin Ransomware Infection

Do Son December 22, 2025

A deceptive social engineering tactic known as “ClickFix” has evolved into a gateway for major ransomware attacks,...

Critical FortiGate SSO Flaw Under Active Exploitation: Attackers Bypass Auth and Exfiltrate Configs Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Critical FortiGate SSO Flaw Under Active Exploitation: Attackers Bypass Auth and Exfiltrate Configs

Do Son December 16, 2025

A critical security crisis is unfolding for Fortinet administrators this week. Just days after the vendor disclosed...

Critical Fortinet Flaw Risks Unauthenticated Admin Bypass via FortiCloud SSO SAML Forgery Fortinet 2FA Bypass, Case-Sensitivity Exploit CVE-2023-25610 Fortinet SSO Bypass, FortiCloud SAML Flaw

Critical Fortinet Flaw Risks Unauthenticated Admin Bypass via FortiCloud SSO SAML Forgery

Do Son December 10, 2025

Fortinet has issued an urgent security advisory following the discovery of a critical vulnerability affecting its flagship...

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

DriverFixer0428, Contagious Interview Cache Smuggling, ClickFix Evasion North Korean Cyber Espionage

Zero-Download Malware: New Cache Smuggling Phishing Attack Delivers Payload via Browser Cache

Do Son October 10, 2025

Security researchers from Expel have discovered a new phishing campaign that creatively blends social engineering with browser...

DarkCloud Rises: New Fileless Stealer Uses PowerShell & Process Hollowing to Evade Detection DarkCloud Stealer, Fileless Malware

DarkCloud Rises: New Fileless Stealer Uses PowerShell & Process Hollowing to Evade Detection

Do Son August 11, 2025

Researchers from Fortinet’s FortiGuard Labs detected a new DarkCloud campaign deploying a stealthy, fileless payload through a...

FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available! CISA active exploit catalog known exploited vulnerabilities ActiveMQ RCE CVE-2026-34197 CISA KEV Catalog Actively Exploited Vulnerabilities CISA KEV Catalog CVE-2025-37164 GeoServer XXE, CISA KEV FortiWeb SQLi, CISA KEV Critical Vulnerabilities CVE-2024-20953