Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices ...

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

FortiGate firewalls are getting quietly reconfigured and stripped down by miscreants who've figured out how to sidestep SSO protections and grab sensitive settings right out of the box.… That's ...

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...

Fortinet customers are seeing attackers exploiting a patch bypass for a previously fixed critical FortiGate authentication vulnerability (CVE-2025-59718) to hack patched firewalls. One of the affected ...

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...