Two FortiWeb vulnerabilities, including a critical unauthenticated bypass (CVE-2025-64446), are under attack. Check logs for rogue admin accounts and upgrade immediately.