Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...

Okta SSO accounts targeted in vishing-based data theft attacks

Okta is warning about custom phishing kits built specifically for voice-based social engineering (vishing) attacks.

Massive identity theft campaign targeting Okta single sign-on

Scattered LAPSUS$ Hunters are targeting major firms with sophisticated voice phishing attacks.
The Register on MSN

Fortinet admits FortiGate SSO bug still exploitable despite December patch

Fix didn't quite do the job – attackers spotted logging in Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication ...