Fortigate is a technology platform tracked across 31 threat clusters and 66 intelligence report mentions on ThreatCluster. First observed November 17, 2025; most recent activity July 2, 2026.
Threat actors are actively exploiting critical authentication bypass vulnerabilities in Fortinet's FortiGate appliances, specifically CVE-2025-59718 and CVE-2025-59719. These vulnerabilities allow unauthenticated single…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
Forescout Technologies has identified 22 new vulnerabilities in serial-to-IP converters from Lantronix and Silex, which are widely used in critical sectors like healthcare and utilities. These vulnerabilities,…
A credential-harvesting campaign known as 'FortiBleed' has compromised over 75,000 Fortinet firewalls and VPNs across 194 countries. The attackers, suspected to be Russian-speaking cybercriminals, exploited previously…
A recent intrusion campaign utilized the Nightmare-Eclipse privilege escalation tools, specifically BlueHammer, RedSun, and UnDefend, following unauthorized access through compromised FortiGate SSL VPN credentials. This…
Fortinet has identified multiple critical vulnerabilities in its FortiSandbox and FortiAuthenticator products, which could allow unauthenticated attackers to execute arbitrary code remotely. The vulnerabilities are…
On March 10, 2026, Fortinet released a security advisory addressing eleven vulnerabilities in its core products, including a high-severity stack-based buffer overflow in FortiManager (CVE-2025-54820) that allows remote…
In April 2026, Anthropic's AI model Mythos autonomously discovered 181 exploits for Firefox and identified thousands of zero-day vulnerabilities across major operating systems and browsers, including a 27-year-old bug…
CVE-2024-47575, known as FortiJump, has been actively exploited since June 2024, affecting over 50 FortiManager devices across various industries. The vulnerability allows unauthorized control of FortiManager…
The FortiBleed campaign has been linked to two ransomware groups, INC Ransom and Lynx, through an operational security lapse that revealed one actor's simultaneous access to both groups' negotiation panels. This…