Home / Jul 03, 2026 / Story
0
#2 The Hacker News general July 02, 2026 at 08:00 UTC

FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

By [email protected] (The Hacker News)

AI Summary

The FortiBleed campaign — involving mass credential theft from FortiGate firewalls — has been directly linked to INC and Lynx ransomware operations, with an operator found actively working negotiation panels for both groups. Researchers confirm that credentials harvested from hundreds of thousands of FortiGate devices are being used to facilitate ransomware intrusions. Security teams managing Fortinet infrastructure should treat any exposed credentials as compromised and rotate them immediately.

Relevance score: 86.0/100

# More from July 03