The federal government confirmed on 14 November that hackers are exploiting a vulnerability affecting Fortinet devices that has caused alarm among cybersecurity experts since early October 2025. The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies seven days to patch CVE-2025-64446 and released an advisory that said it is “aware of exploitation.” CISA typically gives agencies 21 days to patch most vulnerabilities added to its list of exploited bugs. C
