Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
Hosted on MSN

Update now — Fortinet Windows VPN hacked to steal user data

Researchers spot Chinese threat actor stealing login credentials from Fortinet VPN Thefts carried out with the help of a vulnerability discovered in 2023 The bug is yet to be addressed, or even ...
Ars Technica

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after ...
Bleeping Computer

Spike in Fortinet VPN brute-force attacks raises zero-day concerns

A massive spike in brute-force attacks targeted Fortinet SSL VPNs earlier this month, followed by a switch to FortiManager, marked a deliberate shift in targeting that has historically preceded new ...
Hosted on MSN

Fortinet VPNs under attack from potential zero-day - FortiSIEM security tools also at risk, so be on your guard

Someone has been trying to break into Fortinet VPN products GreyNoise believes this is in preparation of a zero-day exploit The researchers expect a CVE to be published within weeks Fortinet users are ...
CSOonline

Fortinet urges patching N-day bug amid ongoing nation-state exploitation

The flaw has a critical severity rating with a CVSS score of 9.6 and allows a remote unauthenticated actor to execute arbitrary commands by specially crafted HTTP requests. Fortinet has advised users ...