[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:cisa-warns-fortinet-customers-as-fortibleed-hits-86-644-fortigate-devices-mqmq9kci":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":17,"article_ids":18,"ioc_summary":20,"source_urls":21,"status":23,"expires_at":24,"created_at":25,"updated_at":26,"articles":27},"b40b4681-520f-4de6-bc09-dabb02292dd1","CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices","cisa-warns-fortinet-customers-as-fortibleed-hits-86-644-fortigate-devices-mqmq9kci","Russian-speaking threat actors have compromised over 86,000 FortiGate devices via FortiBleed using default credentials, breached accounts, and brute force. Telecom, government, and education sectors are primary targets, with heavy exposure in India, US, Mexico, Colombia, and Thailand. Compromised devices can be weaponized for lateral movement, data exfiltration, and persistent network access.","critical","advisory",[],[13,14,15,16],"Fortinet","FortiGate","SSL VPN","VPN gateways","Immediately audit all FortiGate devices for non-default credentials and disable default accounts. Cross-reference your FortiGate inventory against the 86,644 exposed device list. Monitor for anomalous FortiGate admin logins and VPN access patterns.",[19],"295dc96f-c5f4-42a1-b837-b4283ce65b79",null,[22],"https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fcisa-warns-fortinet-customers-as.html","active","2026-06-22T19:05:16.537+00:00","2026-06-20T19:05:23.073163+00:00","2026-06-20T19:15:08.208399+00:00",[28],{"id":19,"title":6,"url":22}]