All CosmicBytez Labs articles tagged #Fortinet, across news, security advisories, how-to guides, and projects.
CISA added two critical Fortinet FortiSandbox OS command injection vulnerabilities to its KEV catalog and gave federal agencies just three days to patch, as active exploitation continues against the security appliance platform.
Threat actors who exploited the FortiBleed vulnerability to gain persistent access to thousands of Fortinet firewalls are now monetizing that access by...
SOCRadar uncovered FortiBleed — a large-scale credential-harvesting campaign targeting 11,250 FortiGate portals across 150+ countries, resulting in 110...
Researchers have connected the massive FortiBleed credential-theft operation — which harvested credentials from over 86,000 FortiGate firewalls — directly...
Deep analysis of the FortiBleed operation reveals a sophisticated five-stage credential harvesting pipeline — custom Golang sniffers, Telegram-based...
The FortiBleed campaign's operators weaponize Fortinet's own built-in diagnostic command to run a custom Golang sniffer that intercepts 24 authentication...
A financially motivated Russian-speaking initial access broker behind the FortiBleed campaign has been systematically harvesting credentials from over...
A Russian-speaking initial access broker has compromised 86,644 verified credentials from over 430,000 internet-facing Fortinet FortiGate devices across...
A Russian IAB harvests 110M credentials from FortiGate firewalls; the Icarus group drains hundreds of Salesforce orgs via Klue OAuth tokens; a 29-year-old...
The large-scale FortiBleed campaign targeting Fortinet FortiGate devices deployed custom packet sniffers to harvest authentication secrets from...
Nearly 74,000 Fortinet firewall and VPN credentials were exposed in the FortiBleed data leak, prompting CISA to urge immediate device hardening and...
Multiple threat intelligence firms have confirmed active exploitation of two critical vulnerabilities in Fortinet's FortiSandbox product — security flaws...
A data leak dubbed FortiBleed has exposed configuration files and VPN credentials for 73,932 Fortinet firewall URLs, putting organizations worldwide at...
Fortinet's April hotfix for the actively exploited CVE-2026-35616 FortiClient EMS flaw is now seeing renewed exploitation, as attackers continue targeting...
A coordinated wave of critical security patches landed this week from Ivanti, Fortinet, SAP, VMware, and n8n. Topping the list is CVE-2026-8043 in Ivanti...
Fortinet has released emergency security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to...
Google confirms the first AI-generated zero-day in the wild; TeamPCP's Mini Shai-Hulud worm hits TanStack, Mistral AI, and Guardrails AI; Instructure pays...
Threat actors are deploying the Nexcorium Mirai botnet variant by exploiting CVE-2024-3721 in TBK DVR devices and targeting end-of-life TP-Link Wi-Fi...
Storm-1175 runs sub-24-hour Medusa ransomware campaigns using zero-days; the FBI IC3 reports a record $21 billion in US cybercrime losses for 2025; North...
A critical zero-day in FortiClient EMS with a CVSS score of 9.8 is being actively exploited in the wild while Fortinet has released only an emergency...
This week's biggest cybersecurity stories: a North Korean supply chain attack hit the Axios npm package, a new Chrome zero-day under active exploitation,...
Fortinet has released emergency out-of-band patches for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that enables...
Fortinet has released an emergency weekend security update for CVE-2026-35616, a critical pre-authentication API access bypass in FortiClient EMS that is...
Threat intelligence firm Defused confirms active in-the-wild exploitation of a critical vulnerability in Fortinet's FortiClient EMS platform....
Amazon's threat intelligence team has documented how a Russian-speaking, financially motivated actor used multiple commercial generative AI tools to...
Optimize FortiGate performance with NP/CP offloading, session table tuning, UTM profile optimization, SD-WAN performance rules, conserve mode prevention,...
Complete FortiGate hardening guide covering admin access lockdown, firmware management, interface hardening, DNS/NTP security, certificate management,...
Fortinet patches a critical heap-based buffer overflow in FortiOS SSL VPN that allows unauthenticated remote code execution on FortiGate appliances....
Fortinet patches a CVSS 9.8 SQL injection in FortiClientEMS 7.4.4 allowing unauthenticated remote code execution. Endpoint management servers across...
Configure FortiAnalyzer for centralized logging, SIEM integration, and compliance reporting. Covers syslog forwarding, custom log handlers, and PCI/HIPAA...
Automate FortiGate firewall policy creation, backup, and auditing using PowerShell and the FortiOS REST API. Includes bulk rule deployment, change...
Configure IPsec site-to-site VPN between FortiGate firewall and Azure VPN Gateway. Covers IKE configuration, routing, BGP, and high availability.
Configure FortiGate SSL VPN for secure remote user access. Covers portal setup, user authentication, firewall policies, and FortiClient configuration.
Deploy enterprise SD-WAN with FortiGate featuring dual ISP failover, performance SLAs, application steering, and Zero Trust architecture integration.
Deploy enterprise-grade centralized management for your Fortinet Security Fabric with FortiManager for configuration management and FortiAnalyzer for...
This week: FortiGate SD-WAN deployment, new CVEs affecting critical infrastructure, and Azure Sentinel implementation tips.
Security researchers warn of mass exploitation campaigns targeting Fortinet FortiGate firewalls. Over 50,000 devices believed to be compromised globally.