Dark Reading

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...

FortiBleed campaign used custom FortiGate sniffer to steal credentials

Security firm SOCRadar says the large-scale FortiBleed campaign targeting Fortinet FortiGate devices used custom sniffers to ...
Gizmodo

Cybercriminal Gang Just Leaked 500,000 Fortinet VPN Users’ Passwords

A hacker gang has allegedly collected and dumped a large trove of approximately 500,000 login credentials belonging to users of a popular VPN product from cybersecurity firm Fortinet. The threat actor ...
Homeland Security Today

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA says they are aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices ...
Bleeping Computer

Fortinet VPN design flaw hides successful brute-force attacks

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of ...