Author: Jordan Rogers

Executive Summary As of March 10, 2026, threat actors are actively exploiting Fortinet authentication-bypass vulnerabilities to compromise FortiGate and related Fortinet infrastructure, extract service account credentials, and move laterally across victim networks. Three CVEs are central to this campaign: CVE-2025-59718, CVE-2025-59719, and CVE-2026-24858. All three have confirmed exploitation in the wild according to NVD and multiple industry sources [1][2][3]. Patches exist for most affected

Critical Dell RecoverPoint Vulnerability CVE‑2026‑22769 exploited by UNC6201; review impact, affected versions, and patch guidance to secure virtualized environments.

Cybersecurity Advisory As of December 26, 2025, Fortinet confirms active exploitation of CVE‑2020‑12812, an improper authentication vulnerability in FortiOS SSL VPN that allows users to bypass two‑factor authentication (2FA) by altering the case of the username. The flaw affects several FortiOS branches and remains under active exploitation by multiple threat actors according to Fortinet’s December 24, 2025 advisory(thehackernews.com). The vulnerability is listed in CISA’s

Cybersecurity Advisory As of December 19, 2025, WatchGuard Fireware OS is impacted by a critical out‑of‑bounds write vulnerability, CVE‑2025‑14733, actively exploited in the wild according to the vendor’s advisory [1]. The flaw affects IKEv2 Mobile User VPN and Branch Office VPN configurations involving dynamic gateway peers. Patch updates are available for supported versions, and exploitation attempts have been confirmed from multiple IPs. The vulnerability carries