Topic: fortios devices

Fortinet Mitigates Critical FortiCloud SSO Zero-Day Before Patch

A critical authentication bypass flaw (CVE-2026-24858) in Fortinet's FortiCloud SSO was actively exploited, allowing attackers to gain administrative control over devices, even fully patched ones, by creating rogue accounts. Fortinet responded by globally disabling and then restricting FortiCloud...