> TritonInfoSec News
Home / Jun 23, 2026 / Story
0
#1 BleepingComputer general June 22, 2026 at 20:01 UTC

FortiBleed campaign used custom FortiGate sniffer to steal credentials

By Lawrence Abrams

AI Summary

SOCRadar's analysis of the FortiBleed campaign reveals that threat actors deployed custom sniffers on compromised Fortinet FortiGate devices to harvest authentication credentials at scale, resulting in a database of over 86,000 confirmed working credentials. Fortinet has formally responded to the campaign, which targeted firewall appliances and represents a significant ongoing threat to enterprise network perimeters. Security teams running FortiGate devices should audit for indicators of compromise and rotate any credentials that may have traversed affected systems.

Read full article → https://www.bleepingcomputer.com/news/security/for…

Relevance score: 88.0/100

# More from June 23

  1. 2
    New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones SecurityWeek
  2. 3
    Fortinet Responds to FortiBleed Campaign SecurityWeek
  3. 4
    Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices The Hacker News
  4. 5
    ShapedPlugin WordPress Pro Plugins Backdoored in Supply Chain Attack The Hacker News
  5. 6
    29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests The Hacker News
  6. 7
    AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network The Hacker News
  7. 8
    North Korean Hackers Blamed for Mastra NPM Supply Chain Attack SecurityWeek
  8. 9
    Researchers Detail DifyTap Flaws in Dify That Could Expose AI Chats Across Tenants The Hacker News
  9. 10
    More Cybersecurity Firms Disclose Impact From Klue Hack SecurityWeek