#Fortinet
12 stories taggedFortinet.

FortiBleed's Credential Theft Linked to Ransomware Gangs
Researchers reveal FortiBleed's connections to ransomware groups, posing greater risks for affected organizations.

FortiBleed: 11,000 Fortinet Firewalls Still Compromised, Now Tied to INC and Lynx Ransomware
Researchers say the same crew that hoarded credentials from hundreds of thousands of Fortinet firewalls has been sitting inside the negotiation panels of two major ransomware gangs.

FortiBleed: Stolen FortiGate Credentials Now Fueling INC and Lynx Ransomware Attacks
Credentials harvested from hundreds of thousands of compromised FortiGate devices are feeding active ransomware operations — and defenders who haven't rotated credentials post-patch are still exposed.

FortiBleed Credential Haul Now Feeding INC and Lynx Ransomware Crews
A single operator was spotted running negotiation panels for both gangs, turning stolen FortiGate logins into ransomware payloads.

FortiBleed: Russian-Speaking Broker Tied to 430K FortiGate Credential Harvest
Researchers attribute the long-running operation to a financially motivated IAB, with credential lists feeding brute-force runs against exposed FortiGate appliances since February.

FortiBleed Campaign Hits 86,644 FortiGate Boxes; CISA Pushes Customers to Lock Down
Russian-speaking operators are working through internet-exposed Fortinet appliances at scale. CISA wants admins moving now.

Fortibleed: How 75,000 FortiGate Firewalls Ended Up on an Attacker's Credential List
Configuration files. Legacy SHA-256 hashes. Automation at scale. The Fortibleed campaign is a slow-burn credential harvest that perimeter defenders are still catching up to.

Three FortiSandbox Bugs Under Active Exploitation, Including a 9.1 Path Traversal
Threat intel firm flags in-the-wild abuse of CVE-2026-39813, CVE-2026-39808 and CVE-2026-25089 within a 24-hour window.

Patch Tuesday-Adjacent: FortiSandbox, Ivanti, and SAP Ship Fixes for Critical Bugs
A 9.1-rated command injection in FortiSandbox headlines a busy week of vendor advisories. Most of these land squarely on platform teams.

Patched FortiClient EMS Flaw Still a Live Attack Vector for Credential Theft
Attackers are piggybacking on Fortinet's endpoint management tooling to push infostealers disguised as legitimate agent updates.

FortiClient EMS Flaw Sees Fresh Exploitation After April Hotfix
Attackers are still hitting a critical FortiClient EMS vulnerability that Fortinet patched — and flagged as actively exploited — months ago.

Anthropic Adds 28 Enterprise Security Integrations to Claude, Including CrowdStrike and Okta
The AI company is wiring Claude into the core of enterprise security stacks, from endpoint detection to identity management.