Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

Fortinet confirmed that a new zero-day vulnerability under exploitation was the cause of a spate of malicious logins through FortiCloud's single sign-on (SSO) feature. The cybersecurity vendor on ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. Fortinet on Tuesday rolled out emergency patches for a FortiCloud SSO login ...
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...