Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
ZDNet

VPN users: If you're on Fortinet, Palo Alto, Pulse Secure, patch now, warns spy agency

If your employees are using virtual private networks (VPNs) from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search through system logs for signs of compromise. As ...
Gizmodo

Cybercriminal Gang Just Leaked 500,000 Fortinet VPN Users’ Passwords

A hacker gang has allegedly collected and dumped a large trove of approximately 500,000 login credentials belonging to users of a popular VPN product from cybersecurity firm Fortinet. The threat actor ...
techtimes

Fortinet VPN Hacked by China, Over 20,000 Affected Says Netherlands Government

According to the Dutch government, China's state hackers hacked the Fortinet VPN via an undisclosed vulnerability that was recently discovered. The massive hack affected 20,000 of Fortinet's VPN ...
Dark Reading

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...
Threat Post

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Three security vulnerabilities in the Fortinet SSL VPN are being used to gain a foothold within networks before moving laterally and carrying out recon. The FBI and the Cybersecurity and ...