The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
CSO Online

Fortinet confirms new zero-day attacks against customer devices

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...

Fortinet confirms critical FortiCloud auth bypass not fully patched

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to ...
The Hacker News

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions ...
SecurityWeek

Organizations Warned of Exploited Linux Vulnerabilities

CISA has added to the KEV catalog two Linux vulnerabilities leading to privilege escalation and authentication bypass via ...
CSO Online

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.
Forbes

Google And Microsoft Users Warned As New 2FA Bypass Attacks Reported

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, Dec. 25, 2024: This story, originally published Dec.