CyberSecurity News
FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation
AI summary
A large-scale credential harvesting operation, known as FortiBleed, has targeted FortiGate firewalls worldwide, with over 430,000 devices affected. The operation is believed to be the work of a Russian-speaking initial access broker motivated by financial gain. The campaign has been active since February 2026 and involves several tactics, including collecting credential lists and brute-forcing accessible systems. The operation has resulted in the harvesting of over 110 million credentials. The attackers also search for exposed services and deploy custom tools to achieve their goals. The scope of the operation is global, affecting a significant number of FortiGate firewalls.
This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.