FortiWeb

Critical WatchGuard VPN Flaw Actively Exploited

December 21, 2025

A critical, actively exploited vulnerability (CVE-2025-14733) in WatchGuard's Fireware OS allows unauthenticated remote attackers to execute arbitrary code on affected…

Business

FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited

December 19, 2025

Attackers are actively exploiting a critical Fortinet firewall vulnerability (CVE-2025-59718) to bypass authentication and steal sensitive network configuration files containing…

Newswire

Hackers Target Unpatched Fortinet Flaws After Fix

December 18, 2025

Attackers are exploiting two critical authentication bypass vulnerabilities (CVE-2025-59718 & CVE-2025-59719) in Fortinet products, gaining administrative access to steal sensitive…

Business

Fortinet warns of critical FortiCloud SSO auth bypass flaw

December 11, 2025

Fortinet has patched two critical authentication bypass vulnerabilities (CVE-2025-59718 & CVE-2025-59719) in several products, which could allow attackers to gain…

Business

CISA Orders Agencies to Patch Critical Fortinet Flaw in 7 Days

November 21, 2025

CISA has mandated a 7-day deadline for U.S. government agencies to patch CVE-2025-58034, a critical Fortinet FortiWeb vulnerability being actively…

Cybersecurity

Urgent: Actively Exploited FortiWeb Flaw Patched (CVE-2025-58034)

November 20, 2025

A critical OS command injection vulnerability (CVE-2025-58034) in FortiWeb firewalls is being actively exploited, allowing attackers to execute arbitrary commands…

BigTech Companies

Urgent FortiWeb Zero-Day Actively Exploited, Fortinet Warns

November 19, 2025

A zero-day vulnerability (CVE-2025-58034) in FortiWeb firewalls allows authenticated attackers to execute arbitrary OS commands via manipulated HTTP or CLI…

BigTech Companies

Fortinet Patches Actively Exploited FortiWeb Zero-Day

November 16, 2025

Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized…

Business

Active Exploit Targets Suspected FortiWeb Zero-Day

November 15, 2025

A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts…

Cybersecurity

Google Chrome Zero-Day & FortiWeb SQL Flaw: Critical Fixes

July 21, 2025

Google Chrome users must urgently update due to an actively exploited zero-day vulnerability (CVE-2025-6558), marking the fifth critical flaw patched…

Cybersecurity

Fortinet FortiWeb Hacks Tied to Public RCE Exploits

July 17, 2025

A hooded figure holds a red cube as shards of glass explode around them, creating a dramatic, dark scene.

Security teams are responding to active exploitation of a critical Fortinet FortiWeb vulnerability (CVE-2025-25257), allowing unauthenticated remote code execution via…

Cybersecurity

Patch Now: Public Exploits for FortiWeb RCE Flaw (CVE-2025-25257)

July 16, 2025

CVE-2025-25257 is a critical remote code execution flaw in FortiWeb's Fabric Connector, allowing attackers to inject SQL commands via HTTP/S…

Cybersecurity

Patch Now: FortiWeb Pre-Auth RCE Exploits Released

July 13, 2025

A critical vulnerability (CVE-2025-25257, 9.8/10 severity) in Fortinet's FortiWeb WAF allows unauthenticated remote code execution via SQL injection, requiring immediate…