📌 1. New Zero-Day Vulnerability Exploited (CVE-2026-24858)
Fortinet confirmed in late January 2026 a critical authentication vulnerability in FortiCloud SSO that is being openly exploited in real-world attacks.

• The flaw allows attackers to bypass FortiCloud's single sign-on mechanisms and access devices registered by other users.
• This flaw was designated CVE-2026-24858 and has a high severity score (≈9.4/10).
• Fortinet temporarily disabled SSO authentication on its services to stop the abuse.
• Malicious FortiCloud accounts used in the attacks were detected and blocked by the company. 

This is the most recent and active Fortinet vulnerability exploitation incident reported publicly in January-February 2026.