Qilin Ransomware Group Exploits Fortinet Vulnerabilities to Deploy Malware

The Qilin ransomware group (alias Phantom Mantis) has exploited Fortinet vulnerabilities to execute remote code on affected devices. According to the threat intelligence company PRODAFT, the group targeted several organizations between May and June 2025 by exploiting multiple FortiGate vulnerabilities, including CVE-2024-21762 and CVE-2024-55591. These attacks allowed the attackers to deploy the Qilin ransomware on compromised systems.