After gaining a foothold in 1000s of Fortinet firewalls, attackers are starting to monetize that access, and are also piling on a Nextcloud zero-day bug.

The massive FortiBleed credential theft campaign has been linked to the INC and Lynx ransomware operations, suggesting the stolen Fortinet credentials were intended to fuel future…

SOCRadar says FortiBleed led to 354 completed FortiGate intrusions and at least 12 ransomware deployments.