ShinyHunters claim to be behind SSO-account data theft attacks

The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) ...
The Hacker News

Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls

Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass affecting fully patched FortiGate devices via SAML abuse.
SecurityWeek

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...

Okta SSO accounts targeted in vishing-based data theft attacks

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal ...