> TritonInfoSec News
Home / Jun 24, 2026 / Story
0
#1 The Hacker News general June 23, 2026 at 18:20 UTC

FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation

By [email protected] (The Hacker News)

AI Summary

The 'FortiBleed' campaign, attributed to a Russian-speaking initial access broker (IAB) active since at least February 2026, has targeted over 430,000 FortiGate firewalls globally using a custom Golang-based credential sniffer, harvesting more than 110 million credentials. The operation involves collecting credential lists, scanning for exposed services, brute-forcing accessible systems, and deploying bespoke tooling. Security teams managing FortiGate deployments should treat this as an active, ongoing threat requiring immediate credential rotation and access review.

Read full article → https://thehackernews.com/2026/06/fortibleed-targe…

Relevance score: 92.0/100

# More from June 24

  1. 2
    Scattered Spider Hackers Plead Guilty on Day 1 of Trial Krebs on Security
  2. 3
    LastPass confirms data breach in Klue supply chain attack BleepingComputer
  3. 4
    Trump Order Sets 2030 Deadline for Federal Post-Quantum Crypto Migration The Hacker News
  4. 5
    FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances SecurityWeek
  5. 6
    Five Eyes agencies sound alarm about AI’s threat to cybersecurity The Record
  6. 7
    FFmpeg fixes PixelSmash flaw in widely used video decoder BleepingComputer
  7. 8
    'Cordyceps': Mushrooming Malicious Pull Requests Threaten Developer Workflows Dark Reading
  8. 9
    Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks BleepingComputer
  9. 10
    WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool The Hacker News