CISA, security researchers warn FortiCloud SSO flaw is under attack

The flaw, tracked as CVE-2026-24858, allows an attacker with a registered device and a FortiCloud account to access devices ...
SecurityWeek

Hackers Leak 5.1 Million Panera Bread Records

The ShinyHunters extortion group has leaked 14 million records allegedly stolen from US bakery-cafe chain Panera Bread.

Google's security team look at how ShinyHunters has rolled out SSO scams

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.
Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via ...

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.
Infosecurity Magazine

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Understand five best practices to overcome the most common SSO failure points and how organizations can reduce identity risk ...
Tech Times

Top 5 Best Customer Identity and Access Management (CIAM) Solutions in 2026

Discover the best customer identity and access management solutions in 2026. Compare top CIAM platforms for authentication, ...

Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.