Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices ...

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...

Things aren't over yet for Fortinet customers – the security shop has disclosed yet another critical FortiCloud SSO vulnerability.… Those hoping for a reprieve following last week's patch pantomime ...

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

Fortinet: Restrict admin access, disable FortiCloud SSO Until Fortinet fully addresses the CVE-2025-59718 vulnerability, Windsor advised customers to restrict administrative access to their edge ...

Attackers are still targeting FortiOS, FortiManager, and FortiAnalyzer with FortiCloud SSO login enabled, creating admin accounts. This allows them to gain full control over devices. A functional ...

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes. According to researchers at Arctic Wolf, the exploit hinges on ...