Active FortiBleed Campaign Impacting Fortinet Devices Across 194 Countries (opens in new tab)

Covers 2 stories including FortiBleed — 75k Fortinet firewalls have admin passwords crackedCovered by 5 sources including thehackernews.com, Malware Analysis, News and Indicators

Summary In mid-June 2026, security researchers identified an active, large-scale credential compromise campaign affecting Fortinet FortiGate firewalls, dubbed FortiBleed. Threat actors have been systematically extracting configuration files from internet-facing FortiGate devices and cracking the stored credential hashes, resulting in verified working administrator credentials for between 30,000 and 75,000 devices across 194 countries. SOCRadar‘s research identified ... Active FortiBleed Campa...

Active FortiBleed Campaign Impacting Fortinet Devices Across 194 Countries (opens in new tab)

Covered in 6 articles

CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices

FortiBleed: You Can't Patch Your Way Out of This

Active FortiBleed Campaign Impacting Fortinet Devices Across 194 Countries