logo

FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries

ID: 36833c49-af11-593c-9df8-0822c9dc3c96

STIX ID: report--36833c49-af11-593c-9df8-0822c9dc3c96

Feed Name: HackRead

Threat Score
80/100

Date Published: 2026-06-17

Date Updated: 2026-06-18

Author: Waqas

...
...

Hudson Rock and researcher Volodymyr Diachenko disclosed a large-scale campaign named “FortiBleed” that exposed 73,932 unique FortiGate firewall URLs across 194 countries and 21,632 domains, including major corporations and critical infrastructure sectors; operators performed billions of credential and brute-force attempts, verified successful logins, and are believed to have reused compromised firewall/VPN access to collect further credentials and potentially exfiltrate data. Organizations are advised to rotate credentials, enforce MFA, restrict management interfaces, patch FortiOS, review logs, and use Hudson Rock's lookup portal to check for affected domains.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.