A new cluster of automated malicious activity targeting FortiGate firewall devices. Beginning January 15, 2026, threat actors have been observed executing unauthorized configuration changes, establishing persistence through generic accounts, and exfiltrating sensitive firewall configuration data. This campaign echoes a December 2025 incident involving malicious SSO logins shortly after Fortinet disclosed critical vulnerabilities CVE-2025-59718 and CVE-2025-59719. […]
The post FortiGate Firewalls Hacked in Automated Attacks to Steal Configuration Data appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: