Attackers exploit Fortinet flaws to deploy Qilin ransomware

Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices. Threat intelligence firm PRODAFT warned that Qilin ransomware (aka Phantom Mantis) group targeted multiple organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762, and CVE-2024-55591. “Phantom Mantis recently launched a coordinated intrusion campaign targeting multiple organizations between […]

Jun 6, 2025 - 23:34

Attackers exploit Fortinet flaws to deploy Qilin ransomware

Qilin ransomware now exploits Fortinet vulnerabilities to achieve remote code execution on impacted devices.

Threat intelligence firm PRODAFT warned that Qilin ransomware (aka Phantom Mantis) group targeted multiple organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762, and CVE-2024-55591.

“Phantom Mantis recently launched a coordinated intrusion campaign targeting multiple organizations between May and June 2025. Initial access are being achieved by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762, CVE-2024-55591, and others.” reads the report published by PRODAFT.