Fortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManager

Threat Score:
55
The Hacker News
3 days ago

Overview

Cybersecurity researchers are warning of a "significant spike" in brute-force traffic aimed at Fortinet SSL VPN devices. The coordinated activity, per threat intelligence firm GreyNoise, wasobservedon August 3, 2025, with over 780 unique IP addresses participating in the effort. As many as 56 unique IP addresses have been detected over the past 24 hours. All the IP addresses have beenclassifiedas malicious, with the IPs originating from the United States, Canada, Russia, and the Netherlands. Tar...

Related Articles

5 articles
1

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

The Hacker News 4 hours ago

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications," Hunt.iosaidin a report. ERMAC wasfirst documentedby ThreatFabric in September 2021, detailing its ability to cond

Score
86
Read more
3

ERMAC v3.0 Banking Malware Source Code Exposed via Weak Password ‘changemeplease’

Cybersecurity News 1 hour ago

Researchers at Hunt.io have made a significant discovery in the cybersecurity field by obtaining and analyzing the complete source code of ERMAC V3.0. This advanced Android banking trojan targets over 700 financial applications worldwide. This unique insight into an active malware-as-a-service platform offers a valuable understanding of modern cybercriminal operations and highlights critical vulnerabilities that could assist […]

Score
78
Read more
4

Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages

GB Hackers 4 hours ago

Threat Actors Abuse npm Developer Accounts Hijacked to Spread Malicious Packages A sophisticated phishing campaign targeting the maintainer of eslint-config-prettier, a widely-used npm package with over 3.5 billion downloads, resulted in malicious code being distributed to thousands of developer projects worldwide. The incident, discovered on July 18 by ReversingLabs’ automatedthreat detectionsystem, highlights critical vulnerabilities in modern software development practices, particularly the r

Score
77
Read more
5

New Gmail Phishing Attack With Weaponized Login Flow Steals Login Credentials

Cybersecurity News 57 minutes ago

A sophisticated new phishing campaign targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass security measures and steal login credentials. The attack begins with deceptive “New Voice Notification” emails that appear to come from legitimate voicemail services. These emails contain spoofed sender information and feature prominent “Listen to Voicemail” […]

Score
76
Read more