The Hacker News

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.
CRN

‘Critical’ FortiManager Flaw Has Seen Exploitation Since June: Mandiant

The vulnerability—which has been exploited in attacks compromising more than 50 FortiManager devices, according to Mandiant researchers—was disclosed by Fortinet Wednesday. A critical-severity ...
Infosecurity-magazine.com

Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability

Fortinet has confirmed that a critical zero-day vulnerability affecting its FortiManager network management solution is being exploited in the wild. In an October 23 security advisory, the ...
CRN

5 Things To Know On The Fortinet FortiManager Attacks

A suspected nation-state campaign has been targeting FortiManager customers — likely including MSPs — since at least late June, according to security researchers. The attacks exploiting a ...