New Malware Exploits Fortinet VPN Vulnerability
/ 1 min read
New malware DEEPDATA exploits Fortinet’s VPN flaw. A threat actor known as BrazenBamboo has been identified as exploiting a zero-day vulnerability in Fortinet’s FortiClient for Windows to extract VPN credentials. The modular malware framework, DEEPDATA, was first reported by Volexity, which noted that the flaw remains unpatched despite being reported to Fortinet in July 2024. This malware is part of a broader suite of tools used for cyber espionage, including DEEPPOST and LightSpy, which target various communication platforms and gather extensive data from infected devices.