Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.
CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

Fortinet continues to combat ongoing SSO admin attacks

Attackers have been targeting various Fortinet products for some time. A functional security update is still missing.
Investor's Business Daily on MSN

Cybersecurity firm Fortinet earnings, revenue, billings top estimates

Fortinet stock popped amid Q4 earnings, revenue and billings that topped estimates while 2026 guidance came in above views.
GovInfoSecurity

Attacks Target Freshly Patched, Critical Fortinet Flaws

Critical vulnerabilities in edge devices are continuing to be discovered by security researchers and rapidly targeted by attackers. Lately this includes a critical ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
SecurityWeek

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...
Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...