Security News

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. "The campaign involved...

Ransomware 'not off the table,' Arctic Wolf threat hunter tells El Reg Miscreants running a "mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an...

A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk...

Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through...

Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability,...

A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of...

No word on when or if the issue will be fixed Chinese government-linked snoops are exploiting a zero-day bug in Fortinet's Windows VPN client to steal credentials and other information, according...

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]

A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA....

Plus a bonus hard-coded local API key A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows...