{
  "metadata": {
    "generator": "Bulwark Black IOC Extractor",
    "source": "https://bulwarkblack.com/fortinet-blocks-actively-exploited-forticloud-sso-zero-day-until-patch-is-ready/",
    "fang": "live",
    "exported_at": "2026-07-15T22:31:25Z",
    "total": 14,
    "categories": 3
  },
  "iocs": {
    "IPv4": [
      "104.28.195.105",
      "104.28.195.106",
      "104.28.212.114",
      "104.28.212.115",
      "104.28.227.105",
      "104.28.227.106",
      "104.28.244.114",
      "104.28.244.115",
      "217.119.139.50",
      "37.1.209.19"
    ],
    "Email Addresses": [
      "cloud-init@mail.io",
      "cloud-noc@mail.io"
    ],
    "CVEs": [
      "CVE-2025-59718",
      "CVE-2026-24858"
    ]
  }
}