Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
TechRadar

Update now — Fortinet Windows VPN hacked to steal user data

Researchers spot Chinese threat actor stealing login credentials from Fortinet VPN Thefts carried out with the help of a vulnerability discovered in 2023 The bug is yet to be addressed, or even ...
techtimes

Fortinet VPN Hacked by China, Over 20,000 Affected Says Netherlands Government

According to the Dutch government, China's state hackers hacked the Fortinet VPN via an undisclosed vulnerability that was recently discovered. The massive hack affected 20,000 of Fortinet's VPN ...
SecurityWeek

Fortinet Warns of New Attacks Exploiting Old Vulnerability

Fortinet says threat actors are abusing CVE-2020-12812, an improper authentication vulnerability in FortiOS, in a fresh wave ...

Over 10K Fortinet firewalls exposed to actively exploited 2FA bypass

Over 10,000 Internet-exposed Fortinet firewalls are still vulnerable to attacks exploiting a five-year-old two-factor ...
ZDNet

A Chinese APT is now going after Pulse Secure and Fortinet VPN servers

A group of Chinese state-sponsored hackers is targeting enterprise VPN servers from Fortinet and Pulse Secure after details about security flaws in both products became public knowledge last month.
TechRadar

Deploying Fortinet VPN with default settings can leave your organization open to attack

Over 200,000 businesses that have deployed Fortinet VPN with its default configuration could be vulnerable to man-in-the-middle (MitM) attacks according to new research from the network security ...