Fortinet released security updates for critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could let attackers bypass FortiCloud SSO authentication.
Threat actors can exploit the security flaws CVE-2025-59718 and CVE-2025-59719 by sending a malicious SAML message that takes advantage of weaknesses in the affected products' cryptographic signature verification.
Fortinet stated today that the vulnerable FortiCloud feature isn’t enabled by default if the device isn’t registered with FortiCare.
“Please note that the FortiCloud SSO login feature is not enabled in default factory settings,” Fortinet said. “However, when an administrator registers the device to FortiCare from the device’s GUI, unless the administrator disables the toggle switch ‘Allow administrative login using FortiCloud SSO’ in the registration page, FortiCloud SSO login is enabled upon registration.”
Admins should temporarily disable the FortiCloud SSO login feature until they have upgraded to a fixed version, to protect against attacks exploiting these vulnerabilities.
To disable FortiCloud login, navigate to System -> Settings and switch “Allow administrative login using FortiCloud SSO” to Off. Alternatively, you can run the following command from the command-line interface:

The company has also fixed a security flaw that let attackers change passwords without authorization, as well as a separate issue that allowed password hashes to be used for authentication.

In February, Fortinet revealed that the Chinese Volt Typhoon hacking group infiltrated a Dutch Ministry of Defence network with Coathanger RAT malware, exploiting two FortiOS SSL VPN vulnerabilities (CVE-2023-27997 and CVE-2022-42475).
In August, Fortinet fixed a command injection vulnerability (CVE-2025-25256) in FortiSIEM, just after GreyNoise reported a rise in brute-force attacks on Fortinet SSL VPNs.
