Bleeping Computer

Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks

Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was ...
Dark Reading

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Researchers have written exploit code for a critical remote code execution (RCE) vulnerability in Fortinet's FortiGate SSL VPNs that the vendor disclosed and patched in June 2023. Bishop Fox's ...
Fudzilla

Dutch spooks warn about Fortinet VPN hack

Cyber attackers, believed to be working for the Chinese government, breached over 20,000 VPN devices sold by Fortinet by exploiting a critical vulnerability that remained undisclosed by the company ...
Ars Technica

Fortinet SSL-VPN or Windows VPN

I already setup the Fortigate to do SSL-VPN using Active Directory (LDAP) for authentication. It works great, but requires a Fortinet client installation and some ...
Bleeping Computer

Fortinet: New FortiOS RCE bug "may have been exploited" in attacks

Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting government, manufacturing, and critical infrastructure organizations.