To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.

The flaw, tracked as CVE-2026-24858, allows an attacker with a registered device and a FortiCloud account to access devices ...

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

While customers crave seamless authentication experiences across every platform, single sign-on (SSO) has become a game-changer in pleasing users. Regardless of the niche, businesses catering to their ...

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via ...

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to ...

Those hoping for a reprieve following last week's patch pantomime are out of luck. After users reported successful ...

The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...