Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...

Attackers are still targeting FortiOS, FortiManager, and FortiAnalyzer with FortiCloud SSO login enabled, creating admin accounts. This allows them to gain full control over devices. A functional ...

Vulnerabilities could allow an attacker to bypass single sign-on login protection; users should disable SSO until patching is complete. Admins using FortiCloud SSO (single sign on) to authenticate ...

Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO ...

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration changes from attacks on an unpatched flaw. Fortinet has confirmed that a new ...

A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...

Fortinet firewalls are under threat from a single sign-on (SSO) vulnerability, which allows unauthorized configuration changes. According to researchers at Arctic Wolf, the exploit hinges on ...