A data breach dubbed 'FortiBleed' has exposed VPN credentials for nearly 74,000 Fortinet and FortiGate firewall URLs spanning 194 countries. The leaked credentials could provide attackers with direct access to enterprise network infrastructure.
Security researchers have identified a significant data leak affecting Fortinet's FortiGate firewall systems. The breach, tracked as 'FortiBleed,' contains VPN login credentials for 73,932 firewall URLs globally.
Scale and Scope
The exposed credentials span across 194 countries, indicating widespread impact across government agencies, enterprises, and organizations of all sizes. FortiGate firewalls are critical network security devices used by major institutions worldwide, making this exposure particularly severe.
Security Risk
VPN credentials for firewall access represent high-value targets for attackers. Compromise of these credentials could enable unauthorized access to protected networks, potentially facilitating data theft, malware deployment, or lateral movement within organizational infrastructure.
Affected Systems
The leak includes credentials for both Fortinet and FortiGate VPN systems. FortiGate is one of the most widely deployed enterprise firewall solutions globally, meaning the potential victim list is substantial.
Response Measures
Organizations using Fortinet or FortiGate infrastructure should immediately:
- Audit VPN access logs for suspicious activity
- Reset VPN credentials
- Review firewall configurations and access controls
- Monitor for unauthorized network access attempts
The discovery underscores ongoing risks surrounding credential exposure. Even security-focused infrastructure can become compromised, highlighting the importance of multi-factor authentication and continuous access monitoring.
Fortinet has not yet issued a public statement regarding the breach. Organizations concerned about potential exposure should contact Fortinet support for guidance on affected systems and remediation steps.
Ofcom has contacted Telegram seeking clarification on how the messaging app detects illegal incitement, after a Ukrainian man was convicted of arson attacks on property linked to UK Prime Minister Keir Starmer. The attacker was directed via the platform by a handler.
A New York man faces cyberstalking charges after allegedly creating and distributing AI-generated nude images of a Georgia college student. He also fabricated racist messages using fake social media profiles.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a critical Splunk Enterprise vulnerability by Sunday due to active exploitation in the wild.
TeamPCP exploited fundamental weaknesses in open source software distribution to inject malware into over 1,000 packages. The breach exposed critical vulnerabilities in how the development community handles trust and security.