A major cybersecurity operation has exposed thousands of organisations to potential compromise after attackers launched a widespread campaign targeting Fortinet firewalls and VPN devices used by enterprises and government agencies across multiple countries.
According to findings by cybersecurity researchers, the campaign has affected nearly 75,000 Fortinet devices, with victims spread across more than 15 countries. India, the US and Taiwan were among the regions with the highest number of impacted systems.
Researchers said the attackers did not exploit any new software vulnerability. Instead, they relied on previously leaked credentials and large-scale brute-force attacks to gain access to internet-facing devices. Once inside, hackers were able to collect additional credentials and potentially move deeper into internal networks.
Several prominent organisations were reportedly affected. Researchers described the scale of the campaign as significant, warning that it spans multiple industries and sectors. Government entities were also among the targets.
Fortinet acknowledged that it is aware of an ongoing credential-harvesting campaign aimed at its firewall and VPN products. The company said the activity is linked to reused data from earlier incidents and brute-force attempts, and not to any new security flaw or recent advisory.
Security experts noted that compromised credentials remain one of the biggest risks for enterprises. They urged organisations to rotate passwords, enable multi-factor authentication, and regularly review exposed systems to reduce the chances of unauthorised access.
The campaign highlights how attackers continue to exploit weak credential management practices rather than relying solely on advanced vulnerabilities. Researchers stressed that proper password hygiene and stronger authentication measures remain critical for protecting corporate networks.
Also read: Viksit Workforce for a Viksit Bharat
Do Follow: The Mainstream LinkedIn | The Mainstream Facebook | The Mainstream Youtube | The Mainstream Twitter
About us:
The Mainstream is a premier platform delivering the latest updates and informed perspectives across the technology business and cyber landscape. Built on research-driven, thought leadership and original intellectual property, The Mainstream also curates summits & conferences that convene decision makers to explore how technology reshapes industries and leadership. With a growing presence in India and globally across the Middle East, Africa, ASEAN, the USA, the UK and Australia, The Mainstream carries a vision to bring the latest happenings and insights to 8.2 billion people and to place technology at the centre of conversation for leaders navigating the future.