2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
ID: 14f1dc6c-5899-575b-89bf-5d23f041c7af
STIX ID: report--14f1dc6c-5899-575b-89bf-5d23f041c7af
Feed Name: DoublePulsar
A public release of FortiOS configuration dumps (assembled October 2022) affecting 15,474 devices has exposed plaintext usernames and passwords, device management certificates, and full firewall rules; the collector attributes initial exploitation to CVE-2022-40684. Organizations should verify whether they were patched at the time, identify impacted IPs, rotate device credentials, and assess risks from publicly disclosed firewall policies and certificates.
