Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...

The cybersecurity company pointed out that the fresh campaign resembles December 2025 attacks targeting CVE-2025-59718 and CVE-2025-59719, two critical-severity defects impacting the FortiCloud SSO ...

Understand five best practices to overcome the most common SSO failure points and how organizations can reduce identity risk ...

Scattered LAPSUS$ Hunters are targeting major firms with sophisticated voice phishing attacks.

We continue to alert our readers to the uptick and successful use of vishing attacks against companies. Threat actors continue to be creative ...

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.

Learn how to implement Single Sign-On with External Security Token Services (STS). A deep dive into SAML, OIDC, and token exchange for CTOs and VP Engineering.

Discover top community help resources for Single Sign-on, CIAM, and enterprise authentication. Learn where CTOs and VPs of Engineering find technical support.

Fix didn't quite do the job – attackers spotted logging in Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication ...

Kim Komando reveals how clicking Sign in with Google or Sign in with Facebook lets tech giants track every site you visit and everything you do there.

Mandiant analyzed ShinyHunters' MO, detailing how it steals login and MFA codes.