FortiBleed: The Most Detailed Breakdown Yet of an Active Russian Credential-Harvesting Operation
FortiBleed targeted 430,000+ FortiGate devices, harvesting 110M credentials and enabling breaches through large-scale credential theft.
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
82 articles found
FortiBleed targeted 430,000+ FortiGate devices, harvesting 110M credentials and enabling breaches through large-scale credential theft.
A trio of coordinated campaigns a JetBrains fake AI assistant campaign, the GlassWorm self‑propagating worm, and the compromised Nx Console Visual Studio Cod...
Fortinet has issued a security warning about ongoing credential-harvesting attacks targeting FortiGate devices in a campaign known as “FortiBleed.” Threat ac...
The large-scale credential theft campaign hit roughly half of the internet-accessible Fortinet firewalls and VPNs. The post FortiBleed: 86,000 Fortinet Devic...
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infoste...
The Agentjacking attack bypasses the need for stolen credentials or direct network access.
A Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways aroun...
CISA is aware of global reports that malicious cyber actors have targeted internet-accessible Fortinet devices across government and private sector organizat...
A coordinated supply chain attack targeting JetBrains IDE users has exposed over 70,000 developers to silent credential theft. The campaign involves at least...
A financially motivated campaign dubbed “Payroll Pirate” has emerged using advanced phishing and adversary-in-the-middle (AiTM) session hijacking to bypass m...
Chinese-language “guarantee” marketplaces hosted mainly on Telegram have become a core conduit for buying, selling, and laundering stolen credentials and a w...
As attackers increasingly favor stolen credentials over exploits, infostealers have become a primary source of access for ransomware and other cybercrime ope...
Weedhack, a Malware-as-a-Service (MaaS) operation specifically engineered to prey on Minecraft players, that has been active since at least January 2026. The...
Phishing has always been a numbers game. AI has turned it into a volume machine.
A new, fully featured Lucid Stealer build that combines large-scale credential theft with hidden remote access. The sample, distributed through Telegram-link...
Phishing, shadow AI, malicious extensions, and credential theft increasingly happen inside the browser. Keep Aware explains what the 2026 Verizon DBIR reveal...
FortiGuard Labs research shows how cybercriminals are exploiting the demand for the FIFA World Cup 2026 through phishing, fake tickets, malware, impersonatio...
A prolonged and highly targeted espionage campaign has been uncovered involving the compromise of a senior executive’s Microsoft Outlook account at a major g...
AI agents run inside coding assistants, MCP servers, and multi-agent frameworks, and the access that makes them useful also opens paths to prompt injection, ...
Here’s what to do in a world where credential theft has been automated and turned into a commodity.