FortiBleed Campaign Compromises 86,000 Fortinet Device Credentials

A large-scale credential theft campaign, dubbed 'FortiBleed,' compromised approximately 86,000 credentials from internet-accessible Fortinet firewalls and VPNs. The attack targeted roughly half of all exposed Fortinet devices connected to the internet. No specific CVE ID, dates, or technical exploitation details were disclosed in the report. The incident involved the theft of device credentials, posing a risk to network security. The affected systems include Fortinet’s firewall and VPN appliances. No attribution or geographic scope was provided.