heise online

Unknown group releases Fortinet config files and VPN passwords to the darknet

Complete config files and VPN passwords in plain text for Fortinet devices have been released by a new group. heise security takes a look at the data set. Usually, you'll get only small gifts in ...
Dark Reading

Fortinet Firewalls Hit With Malicious Configuration Changes

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...
Ars Technica

FortiGate admins report active exploitation 0-day. Vendor isn’t talking.

Fortinet, a maker of network security software, has kept a critical vulnerability under wraps for more than a week amid reports that attackers are using it to execute malicious code on servers used by ...
Ars Technica

VOIP calls sometimes missing audio: Fortinet firewall-what to config?

The firewall has 5060 and 10000-20000 open to the SIP provider (voip.ms), and a static NAT to the FreePBX server but we are getting some set of calls with no audio on either end. Anyone have any ideas ...
Bleeping Computer

Fortinet warns of critical RCE flaw in FortiOS, FortiProxy devices

Fortinet has disclosed a critical severity flaw impacting FortiOS and FortiProxy, allowing a remote attacker to perform arbitrary code execution on vulnerable devices. The flaw, discovered by ...