FortiBleed Exposes Global Credential-Spraying Operation

FortiBleed exposed an industrial-scale, multi-operator credential‑spraying campaign that mass‑scanned hundreds of thousands of FortiGate and Sophos endpoints and launched over a billion login attempts (and billions more against MSSQL), deployed network sniffers to harvest credentials, used a 45‑GPU cracking cluster to crack hashes, replayed VPN sessions to gain AD access, and exfiltrated sensitive data from multiple organizations across several countries.