Attack reports (8)

• AI-augmented threat actor accesses FortiGate devices at scale · Published 21/04/2026 16:20 · Modified 22/04/2026 08:59
• Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise · Published 11/03/2026 11:10 · Modified 16/03/2026 09:51
• Malicious Configuration Changes Observed On Fortinet FortiGate Devices via SSO Accounts · Published 22/01/2026 00:39 · Modified 22/01/2026 11:19
• Malicious SSO Logins Observed Following Disclosure of CVE-2025-59718 and CVE-2025-59719 · Published 15/12/2025 21:41 · Modified 21/12/2025 19:05
• SHOE RACK: A post-exploitation tool for remote shell access & TCP tunnelling … · Published 26/06/2025 21:05 · Modified 27/06/2025 07:55
• Console Chaos: A Campaign Targeting Publicly Exposed Management Interfaces on Fortinet FortiGate … · Published 11/01/2025 02:10 · Modified 13/01/2025 10:44
• Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) · Published 24/10/2024 11:31 · Modified 28/10/2024 12:55
• Patch or Peril: A Veeam vulnerability incident · Published 12/07/2024 17:31 · Modified 12/07/2024 17:49