75,000 Fortinet firewalls cracked with old passwords

Attackers compromised 73,932 Fortinet FortiGate firewall and VPN devices across 194 countries using previously leaked passwords, not a zero-day exploit. The campaign, dubbed FortiBleed, targeted roughly half of all internet-exposed Fortinet firewalls. Researchers attribute the operation to a Russian-speaking group that used a 45-GPU cluster to crack VPN authentication hashes.