Topic: configuration exfiltration
-
FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited
Attackers are actively exploiting a critical Fortinet firewall vulnerability (CVE-2025-59718) to bypass authentication and steal sensitive network configuration files containing encrypted credentials. The flaw, along with a related one (CVE-2025-59719), stems from improper cryptographic signature...
Read More » -
Patched FortiGate Firewalls Still Vulnerable to CVE-2025-59718
A critical Fortinet firewall vulnerability (CVE-2025-59718) remains actively exploitable even on systems with official patches, allowing attackers to bypass authentication and take over networks. Security researchers have confirmed ongoing exploitation where attackers use malicious SSO logins to ...
Read More » -
Fortinet Mitigates Critical FortiCloud SSO Zero-Day Before Patch
A critical authentication bypass flaw (CVE-2026-24858) in Fortinet's FortiCloud SSO was actively exploited, allowing attackers to gain administrative control over devices, even fully patched ones, by creating rogue accounts. Fortinet responded by globally disabling and then restricting FortiCloud...
Read More »