Home / Jul 04, 2026 / Story
0
#4 SecurityWeek general July 02, 2026 at 12:34 UTC

FortiBleed Campaign Linked to INC, Lynx Ransomware Attacks

By Ionut Arghire

AI Summary

Researchers have linked the FortiBleed campaign — which harvested credentials from hundreds of thousands of FortiGate firewalls via an exploited vulnerability — to active ransomware attacks conducted by the INC and Lynx ransomware operations. Attackers are also reportedly layering in exploitation of a Nextcloud zero-day bug. Organizations running FortiGate devices that haven't rotated credentials following FortiBleed exposure are at immediate risk of ransomware intrusion.

Relevance score: 84.0/100

# More from July 04