A Russian-speaking initial access broker (IAB) driven by financial gain is assessed to be behind a large-scale credential-harvesting operation known as FortiBleed that has targeted over 430,000 FortiGate firewalls globally.

The campaign, active since February 2026, involves collecting credential lists, searching for exposed services, brute-forcing accessible systems, and deploying bespoke



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/06/fortibleed-targeted-fortigate-firewalls.html