Tag: fortinet
-
Sweeping Credential-Harvesting Heist Compromises +30K Fortinet Devices
Attackers actively are targeting various sectors across nearly 200 countries and have already compiled a list of working credentials for tens of thousands of compromised devices First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sweeping-credential-harvesting-heist-compromises-30k-fortinet-devices
-
Angreifer im System: Drei kritische Lücken in Fortinet aktiv ausgenutzt
Das Sicherheitsunternehmen Defused Cyber meldet die aktive Ausnutzung von drei kritischen Schwachstellen in der Sandbox-Software von Fortinet. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/fortinet-drei-kritische-luecken
-
Attackers are exploiting FortiSandbox vulnerabilities
Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/fortisandbox-vulnerabilities-cve-2026-39813-cve-2026-39808-cve-2026-25089/
-
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it’s seen active exploitation of three vulnerabilities in Fortinet FortiSandbox within a 24-hour window. Two of them had patches sitting available since April. The third got fixed last week, which, apparently, wasn’t…
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could First…
-
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/
-
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/
-
Fortinet patched a new critical FortiSandbox flaw
Fortinet patched a critical FortiSandbox vulnerability that could let unauthenticated attackers remotely execute commands via crafted HTTP requests. Fortinet released security updates to address several vulnerabilities affecting FortiSandbox, FortiOS, FortiProxy, and FortiPortal. The most severe issue, tracked as CVE-2026-25089 (CVSS score of 9.8), is an OS command injection flaw in FortiSandbox products. The vulnerability could…
-
Gentlemen Ransomware Exploits Fortinet Flaws, AI, and Custom C2 Tools
A newly analyzed leak tied to The Gentlemen ransomware group reveals how modern ransomware operations are evolving in structure and tooling while relying on the same proven intrusion techniques seen over the past four years. The leak also highlights operator continuity across major ransomware brands. A threat actor known as “Tinker” appears across Conti (2022),…
-
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Tags: authentication, control, cvss, exploit, flaw, fortinet, injection, ivanti, rce, remote-code-execution, sap, sql, update, vmware, vulnerabilityIvanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.”External control of a file…
-
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Tags: authentication, control, cvss, exploit, flaw, fortinet, injection, ivanti, rce, remote-code-execution, sap, sql, update, vmware, vulnerabilityIvanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.”External control of a file…
-
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing it at scale. What began as a rising RaaS brand in mid”‘2025 has, by early 2026, evolved into one of the most active programs on the underground, with hundreds of victims and a…
-
Fortinet warns of critical RCE flaws in FortiSandbox and FortiAuthenticator
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-rce-flaws-in-fortisandbox-and-fortiauthenticator/
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerabilityOpenAI’s cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber.The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…
-
Survey Sees Rising Demand for Senior Cybersecurity Pros in Age of AI
A global survey of 2,750 cybersecurity and IT professionals published this week finds that for the third consecutive year a lack of cybersecurity skills is cited as the top cause of security breaches (56%), with 51% reporting they specifically need individuals with senior-level skills. Conducted by Sapio Research on behalf of Fortinet, the survey, however,..…
-
Survey Sees Rising Demand for Senior Cybersecurity Pros in Age of AI
A global survey of 2,750 cybersecurity and IT professionals published this week finds that for the third consecutive year a lack of cybersecurity skills is cited as the top cause of security breaches (56%), with 51% reporting they specifically need individuals with senior-level skills. Conducted by Sapio Research on behalf of Fortinet, the survey, however,..…
-
Iran Alleges US Networking Gear Was Deliberately Disabled
Reports from Iranian state media claim that U.S.-manufactured networking gear ceased functioning at critical moments during military strikes. The allegations, which cannot be independently verified, claim there were simultaneous failures across routers and switches produced by Cisco, Fortinet, Juniper Networks, and MikroTik during attacks on Iranian infrastructure. According to accounts published by the Iranian Fars..…
-
Iran Alleges US Networking Gear Was Deliberately Disabled
Reports from Iranian state media claim that U.S.-manufactured networking gear ceased functioning at critical moments during military strikes. The allegations, which cannot be independently verified, claim there were simultaneous failures across routers and switches produced by Cisco, Fortinet, Juniper Networks, and MikroTik during attacks on Iranian infrastructure. According to accounts published by the Iranian Fars..…
-
Iran Alleges US Networking Gear Was Deliberately Disabled
Reports from Iranian state media claim that U.S.-manufactured networking gear ceased functioning at critical moments during military strikes. The allegations, which cannot be independently verified, claim there were simultaneous failures across routers and switches produced by Cisco, Fortinet, Juniper Networks, and MikroTik during attacks on Iranian infrastructure. According to accounts published by the Iranian Fars..…
-
Nexcorium Mirai variant exploits TBK DVR flaw to launch DDoS attacks
A Mirai variant called Nexcorium exploits a flaw in TBK DVRs to infect devices and use them in DDoS attacks, along with outdated TP-Link routers. Fortinet researchers found that threat actors are exploiting vulnerabilities in TBK DVRs and end-of-life TP-Link routers to spread a Mirai variant called Nexcorium. >>IoT devices are increasingly prime targets for…
-
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end”‘of”‘life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting…
-
New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks
Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks. First seen on hackread.com Jump to article: hackread.com/mirai-variant-nexcorium-dvr-devices-ddos-attacks/
-
New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks
Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks. First seen on hackread.com Jump to article: hackread.com/mirai-variant-nexcorium-dvr-devices-ddos-attacks/
-
PoC Released for FortiSandbox Flaw Enabling Arbitrary Command Execution
A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox. Tracked as CVE-2026-39808, this severe vulnerability allows an unauthenticated attacker to execute arbitrary commands on the underlying operating system with the highest level of privileges. Security researcher Samuel de Lucas recently published the exploit details on GitHub, highlighting the…
-
Patch these critical Fortinet sandbox bugs that let attackers bypass login, run commands over HTTP
No reports of active exploitation (yet) First seen on theregister.com Jump to article: www.theregister.com/2026/04/15/critical_fortinet_sandbox_bugs/
-
Breach Roundup: Mr. Raccoon Wants Your Password
Tags: breach, china, data, data-breach, flaw, fortinet, healthcare, leak, password, phishing, ransomware, scamAlso, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing Takedown. This week, a Raccoon-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-mr-raccoon-wants-your-password-a-31450
-
Brute-force cyberattacks originating in Middle East surge in Q1
Hackers have primarily targeted SonicWall and Fortinet devices, according to researchers.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/brute-force-cyberattacks-originating-in-middle-east-surge-in-q1/817440/