Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Threat Post

Unpatched Fortinet Bug Allows Firewall Takeovers

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. An unpatched OS command-injection security vulnerability has been disclosed ...
CSOonline

FortiGate firewall credentials being stolen after vulnerabilities discovered

Threat actors aren’t wasting time taking advantage of newly-revealed vulnerabilities in Fortinet device authentication. Researchers at Arctic Wolf said they are seeing malicious single sign on (SSO) ...
CRN

How To Provision A Branch Office Using Fortinet In Under 10 Minutes

‘You can have a fully provisioned network stack in your branch office in under 10 minutes, where it’s firewall, Wi-Fi, switch, and SD-WAN,’ says Steve Huddleston, a Fortinet senior systems engineer.
Bleeping Computer

Fortinet discloses second firewall auth bypass patched in January

Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.