Fortinet firewalls hit by huge password-stealing attack — around 75,000 users possibly affected

Researchers discovered a major database containing plaintext passwords.
Homeland Security Today

CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure

CISA says they are aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices ...
Tech Times

Fortinet FortiGate Credential Leak Hits 73,932 Firewalls: Half the Internet-Facing Fleet

Fortinet FortiGate credential leak dubbed FortiBleed has exposed verified admin passwords for 73,932 firewalls in 194 ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
Bleeping Computer

Fortinet fixes critical vulnerabilities in SSL VPN and web firewall

Fortinet has fixed multiple severe vulnerabilities impacting its products. The vulnerabilities range from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS) and impact the ...