Cyber SecurityFriday, July 3, 2026 5 min read
Zero-day in Fortinet VPN exposes 400,000 corporate endpoints
Patches are rolling now, but researchers say active exploitation started at least eight days before public disclosure.
MB
By Marcus Bennett
Security Reporter
Share:
CISA issued an emergency directive within hours of Fortinet's advisory. Federal civilian agencies have 72 hours to patch or disconnect.
The vulnerability — a heap overflow in the SSL-VPN daemon — allows unauthenticated remote code execution as root.
Previous
Rust just overtook Go as the fastest-growing language in cloud infra
Next
Pixel 11 Pro review: Google finally built the camera the Pixel deserved