The Qilin ransomware operation exploited Fortinet vulnerabilities, impacting Synnovis, a pathology services provider. This attack forced several major NHS hospitals in London to cancel hundreds of appointments and operations.
TPRM report: https://scoringcyber.rankiteo.com/company/synnovis
"id": "syn719060625",
"linkid": "synnovis",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization's existence: Attack in which the personal and financial information is compromised"{'affected_entities': [{'industry': 'Automotive',
'name': 'Yangfeng',
'type': 'Automotive'},
{'industry': 'Publishing',
'name': 'Lee Enterprises',
'type': 'Publishing'},
{'industry': 'Legal',
'location': 'Australia',
'name': 'Court Services Victoria',
'type': 'Government'},
{'industry': 'Healthcare',
'location': 'London',
'name': 'Synnovis',
'type': 'Healthcare'}],
'attack_vector': ['CVE-2024-21762', 'CVE-2024-55591'],
'date_detected': 'May-June 2025',
'description': 'The Qilin ransomware operation has recently joined attacks '
'exploiting two Fortinet vulnerabilities that allow bypassing '
'authentication on vulnerable devices and executing malicious '
'code remotely.',
'initial_access_broker': {'entry_point': ['CVE-2024-21762', 'CVE-2024-55591']},
'motivation': 'Financial Gain',
'ransomware': {'ransomware_strain': 'Qilin'},
'references': [{'source': 'PRODAFT'}],
'threat_actor': 'Phantom Mantis',
'title': 'Qilin Ransomware Attacks Exploiting Fortinet Vulnerabilities',
'type': 'Ransomware',
'vulnerability_exploited': ['CVE-2024-21762', 'CVE-2024-55591']}