Infosecurity-magazine.com

Russian Cyber Threat Actor Uses GenAI to Compromise Fortinet Firewalls

A low-skilled cyber threat actor has been observed leveraging several generative AI (GenAI) tools to deploy a malicious campaign aimed at compromising Fortinet’s FortiGate firewall appliances. In an ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls.
Bleeping Computer

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. The campaign ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices. The activity, ...
thecyberexpress

Fortinet Admins Report Active Exploits on “Fixed” FortiOS 7.4.9 Firmware

Network administrators worldwide are scrambling this morning following credible reports that the critical Fortinet Single Sign-On (SSO) vulnerability, tracked as CVE-2025-59718, is being actively ...
MCPmag

Microsoft 365, Azure and Entra ID Backup & Recovery Summit

Is Your Cloud Data Truly Protected? Now more than ever, enterprises need a secure plan to bulletproof their Microsoft 365, Azure and Entra ID environments. In this timely virtual event, our panel of ...
Bleeping Computer

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

Fortinet has warned customers that threat actors are still actively exploiting a critical FortiOS vulnerability that allows them to bypass two-factor authentication (2FA) when targeting vulnerable ...
Windows Report

Entra ID login is finally coming to RDP in the Azure portal

Microsoft is rolling out public preview support for Entra ID authentication for RDP connections directly inside the Azure portal. For years, Azure Bastion has offered secure RDP and SSH access, but ...
GitHub

Azure Entra ID authorization provider for the Cirreum framework

Cirreum.Authorization.Entra is a .NET 10 authorization provider that seamlessly integrates Azure Entra ID (formerly Azure Active Directory) authentication into applications built with the Cirreum ...
CSOonline

Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment

Only days after Fortinet was criticized by researchers for ‘silently’ patching a zero-day vulnerability without informing its customers, it has emerged that it did the same for a second zero-day that ...