PCMag on MSN

Bitwarden

The best option for free, easy-to-use, open-source password management ...
PCMag on MSN

NordPass

A host of top-notch password management features at a reasonable price ...
SecurityWeek

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet has released patches for CVE-2026-24858, an authentication bypass exploited in the wild to compromise devices.

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability ...
Dark Reading

Fortinet Confirms New Zero-Day Behind Malicious SSO Logins

To stop the ongoing attacks, the cybersecurity vendor took the drastic step of temporarily disabling FortiCloud single ...
The Hacker News

Fortinet Patches CVE-2026-24858 After Active FortiOS SSO Exploitation Detected

Fortinet released updates for an actively exploited FortiOS SSO authentication bypass flaw, CVE-2026-24858, now listed by CISA in KEV.
Infosecurity Magazine

Five Single Sign-On Best Practices to Reduce Access Risk in 2026

Understand five best practices to overcome the most common SSO failure points and how organizations can reduce identity risk ...

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
CSO Online

Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet

CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.
Security Boulevard

SAML Development Guide

A comprehensive SAML development guide for engineering leaders. Learn about assertions, metadata, and securing single sign-on for enterprise CIAM.