In a nutshell: A campaign called FortiBleed conducted by Russian-speaking actors has compromised over 86,600 Fortinet FortiGate devices and requires immediate protective measures by affected organizations.
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning of a large-scale compromise campaign against Fortinet FortiGate appliances. Russian-speaking attackers have successfully compromised over 86,644 internet-exposed devices under the codename FortiBleed.
CISA has called on Fortinet customers with FortiGate appliances to immediately take measures to secure their systems against ongoing attacks. The campaign targets internet-exposed devices and is being conducted by Russian-speaking threat actors.
The scope of the compromises is significant: to date, 86,644 FortiGate devices worldwide have been affected by FortiBleed. This represents a critical threat to the network perimeter for CISOs, as FortiGate appliances are frequently deployed as central security components to control access connections. Compromise at this level enables attackers to gain access to sensitive network segments and data flows.
Affected organizations should follow CISA’s recommendations and prioritize reviewing their internet-exposed FortiGate instances, search logs for signs of compromise, and immediately deploy the latest security patches and vendor-provided mitigation measures.
Source: thehackernews.com · Published June 19, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrasing and classification by Lumi News Pipeline v1.7.1.