Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls

6 snips

Jan 22, 2026

Hackers are exploiting a poorly patched bug in Fortinet firewalls to create backdoor accounts. Cisco and SmarterMail recently rushed to patch zero-day vulnerabilities allowing severe security breaches. Meanwhile, troubling reports reveal Jordanian police misused Cellebrite technology against activists. Other highlights include investigations into data breaches in New Zealand and cybersecurity mishaps involving AI-generated noise disrupting bug bounties. This week, the focus is on the continual battle between cyber defenders and emerging threats.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Audit Fortinet SSO And Apply Patches

Check whether single sign-on is enabled on your Fortinet devices and disable if unused.
Apply Fortinet's latest patches and review accounts for unauthorized backdoors immediately.

INSIGHT

Fortinet Patch Failure Enables Fresh Backdoors

A December Fortinet SSO bug was not properly fixed and is being re-exploited to create backdoor accounts.
The exploit targets devices with SSO enabled, which is off by default for most appliances.

ADVICE

Prioritize Patching Web Interfaces

Prioritize patching internet-facing web interfaces for communication and mail platforms immediately.
Monitor logs for suspicious resets or remote code execution indicators after patching.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

Risky Bulletin: Improperly patched bug exploited again in Fortinet firewalls

Audit Fortinet SSO And Apply Patches

Fortinet Patch Failure Enables Fresh Backdoors

Prioritize Patching Web Interfaces

Show notes