Fortinet finally cops to critical make-me-admin bug under active exploitation

The battering attempts against Fortinet's web application firewalls date back to October 6, when cyber deception firm Defused ...
SecurityWeek

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability

Fortinet said an exploited FortiWeb vulnerability (CVE-2025-64446) allows attackers to gain administrative access to the ...
American Hospital Association

H-ISAC TLP White Vulnerability Bulletin: Zero-Day Exploitation of Fortinet FortiWeb Path Traversal Flaw

On October 6, 2025, security researchers at Defused reported a path traversal flaw in Fortinet’s FortiWeb web application firewall (WAF) being exploited in-the-wild as a zero-day since October 2025.

Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks

Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being ...

Fortinet: New Exploit Abuses Zero-Day Vulnerability in Firewalls

IT researchers have found new exploit code in their honeypot. It attacks a previously unknown Fortinet security vulnerability ...
Security Boulevard

Exploring the Pros and Cons of Web Application Firewalls (WAFs) – FireTail Blog

Nov 11, 2025 - Jeremy Snyder - Over the last few years, web application attacks have become one of the leading causes of data breaches, making web application security increasingly important for ...