Skip to content
The Nexus
DossierENTITY

Fortinet

Coverage of Fortinet in the Nexus archive.

Earliest in view: Apr 6 · 18:14 UTCMost recent: Jul 1 · 21:37 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJul 1 · 21:37 UTCBLEEPING COMPUTER
    FortiBleed credential-theft campaign linked to Lynx ransomware

    The FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations. Stolen Fortinet credentials were likely intended to facilitate future network intrusions.

  • SECURITYJun 19 · 06:47 UTCBLEEPING COMPUTER
    CISA warns Fortinet users to secure devices after FortiBleed leak

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Fortinet users to secure their devices following the 'FortiBleed' data leak, which exposed nearly 74,000 firewall and VPN credentials. The incident highlights the need for immediate action to protect affected systems.

  • SECURITYJun 16 · 18:27 UTCTHE REGISTER
    Three critical Fortinet sandbox bugs splattered by unknown attackers

    Three critical vulnerabilities in Fortinet's FortiSandbox are being actively exploited by unknown attackers. Fortinet has patched two of the flaws (CVE-2026-39813 and CVE-2026-39808) in April and a third (CVE-2026-25089) last week, all rated 9.1 on the CVSS scale. Threat intelligence firm Defused reported ongoing exploitation attempts, including unpatched vulnerabilities allowing remote code execution and authentication bypass.

  • SECURITYJun 16 · 09:19 UTCBLEEPING COMPUTER
    Critical Fortinet FortiSandbox flaws now exploited in attacks

    Attackers are exploiting critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, as reported by threat intelligence company Defused.

  • SECURITYMay 28 · 15:26 UTCTHE HACKER NEWS
    Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

    Threat actors are exploiting a patched security flaw in FortiClient Endpoint Management Server (EMS) to deploy credential-stealing malware. Arctic Wolf reported that the campaign used trusted endpoint management infrastructure to deliver malware across managed endpoints, disguising the payload as a Fortinet endpoint update.

  • SECURITYMay 18 · 10:54 UTCTHE HACKER NEWS
    Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

    Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. A critical flaw impacting Ivanti Xtraction could be exploited to achieve information disclosure or client-side attacks. The vulnerabilities affect multiple products from these companies.

  • SECURITYMay 12 · 18:23 UTCBLEEPING COMPUTER
    Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator

    Fortinet has released security patches for critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. The flaws are considered critical RCE vulnerabilities. Fortinet's patches address these issues to prevent potential attacks.

  • TECHNOLOGYMay 6 · 20:45 UTCMARKETWATCH
    Fortinet’s stock rockets higher as earnings help dispel fears of AI disruption

    Fortinet's stock has increased due to strong earnings, dispelling fears of AI disruption in the cybersecurity industry. The company's offerings are in high demand due to an increasingly complex threat environment. This boost in demand is driving the company's growth.

  • SECURITYApr 20 · 10:00 UTCCYBERSCOOP
    Network ‘background noise’ may predict the next big edge-device vulnerability

    Research by GreyNoise indicates that spikes in network traffic targeting edge devices can predict upcoming vulnerability disclosures, often up to nine days before public alerts. The study found that 50% of detected activity surges led to vendor disclosures within three weeks, highlighting coordinated attacker behavior against security appliances.

  • SECURITYApr 15 · 17:52 UTCTHE REGISTER
    Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP

    Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass login and execute unauthorized commands over HTTP. No active exploitation reports yet, but warnings urge vigilance against potential future attacks.

  • SECURITYApr 15 · 12:37 UTCTHE HACKER NEWS
    April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

    April's Patch Tuesday addresses critical vulnerabilities in products from Adobe, Fortinet, Microsoft, and SAP. A high-severity SQL injection flaw (CVE-2026-27681) in SAP's Business Planning and Consolidation and Business Warehouse systems could allow arbitrary database execution.

  • SECURITYApr 14 · 05:39 UTCTHE HACKER NEWS
    CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

    CISA added six actively exploited vulnerabilities to its KEV catalog, including an SQL injection flaw in Fortinet FortiClient EMS (CVE-2026-21643) with a CVSS score of 9.1. The vulnerabilities affect software from Fortinet, Microsoft, and Adobe.

  • SECURITYApr 6 · 20:24 UTCDARK READING
    Fortinet Issues Emergency Patch for FortiClient Zero-Day

    Fortinet has issued an emergency patch for a zero-day vulnerability in FortiClient, tracked as CVE-2026-35616, which allows authentication bypass. This flaw is part of a series of Fortinet vulnerabilities that have been exploited in the wild.

  • SECURITYApr 6 · 18:14 UTCTHE REGISTER
    Attackers exploited this critical FortiClient EMS bug as a 0-day

    A critical vulnerability in FortiClient Enterprise Management Server (EMS) was exploited as a 0-day attack, prompting Fortinet to release an emergency patch. CISA added the flaw to its Known Exploited Vulnerabilities (KEV) list after confirming real-world exploitation since March 31.

Fortinet · Dossier · The Nexus