Bleeping Computer

New SuperBlack ransomware exploits Fortinet auth bypass flaws

A new ransomware operator named 'Mora_001' is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. The ...
Bleeping Computer

Fortinet discloses second firewall auth bypass patched in January

Update 2/11/25 07:32 PM ET: After publishing our story, Fortinet has informed us that the new CVE-2025-24472 flaw added to FG-IR-24-535 today is not a zero-day and was already fixed in January.
ZDNet

FBI issues warning about Fortinet vulnerabilities after APT group hacks local goverment office

The release said an "APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a US municipal government." "The APT actors likely created an account ...