Bleeping Computer

New Boldmove Linux malware used to backdoor Fortinet devices

Suspected Chinese hackers exploited a recently disclosed FortiOS SSL-VPN vulnerability as a zero-day in December, targeting a European government and an African MSP with a new custom 'BOLDMOVE' Linux ...
CSOonline

Attackers deploy sophisticated Linux implant on Fortinet network security devices

In December network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, ...
HHS

Fortinet Fixes Critical Remote Code Flaw

Fortinet has patched a critical remote code execution vulnerability in its Secure Sockets Layer network protocol that could give adversaries access to networks. See Also: Breaches Won't Stop Until We ...
Bleeping Computer

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Update 6/12/23 added below: Fortinet released a new advisory warning that the vulnerability may have been exploited in attacks. Fortinet has released new Fortigate firmware updates that fix an ...
Threat Post

FortiGate VPN Default Config Allows MitM Attacks

The client’s default configuration for SSL-VPN has a certificate issue, researchers said. Default configurations of Fortinet’s FortiGate VPN appliance could open organizations to man-in-the-middle ...
Fudzilla

Dutch spooks warn about Fortinet VPN hack

Cyber attackers, believed to be working for the Chinese government, breached over 20,000 VPN devices sold by Fortinet by exploiting a critical vulnerability that remained undisclosed by the company ...
ZDNet

Critical security alert: If you haven't patched this old VPN vulnerability, assume your network is compromised

Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have ...