Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.

Days after admins began reporting that their fully patched firewalls are being hacked, Fortinet confirmed it's working to ...

Threat actors started exploiting a SmarterMail authentication bypass flaw for remote code execution only days after patches ...

Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration ...

All SAML SSO implementations, including FortiCloud SSO, are vulnerable to authentication bypass and malicious configuration ...

The 11-year-old vulnerability likely impacts many devices that are no longer supported — and presents easy exploit even for ...

A 9.8-severity flaw (CVE-2026-24061) in GNU InetUtils telnetd allows remote authentication bypass and root access in versions ...

A new patch fixes six important GitLab flaws ...

Update, Dec. 03, 2024: This story, originally published Dec. 02, now updated to reflect the 2FA-bypass security threat beyond Black Friday and Cyber Monday. The busiest period of online shopping, ...

Organizations with a comprehensive identity security strategy are better positioned to defend against evolving threats and ...

Organizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform that the company released this week.

A critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) has now been exploited by threat actors in the wild, according to the US Cybersecurity and Infrastructure ...