Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

FortiBleed Fortinet/FortiGate VPN credential leak

Data Leak
First reported
Last updated
Happening score
H score 78
1 unique sources, 1 articles

Summary

Hide ▲

The FortiBleed leak exposed Fortinet/FortiGate VPN credentials for 73,932 firewall URLs, putting organizations worldwide at risk of account abuse and follow-on intrusion. The exposed records reportedly included usernames, email addresses, and plaintext passwords. Some of the leaked entries were later confirmed as authentic by independent reviewers, indicating the dataset was not a false alarm.

Related Happenings

Unnamed organization stolen data published on DLS

Data Leak
H score25 First: 06.05.2026 16:00 Last: 06.05.2026 16:00 Sources 1

About this happening: **Stolen data** from an **unnamed organization** was later posted on a **data leak site (DLS)**, confirming exposure and increasing extortion pressure. The publication followed an...

Open Happening

France Titres ANTS portal user data leak

Data Leak
H score26 First: 24.04.2026 17:31 Last: 24.04.2026 17:31 Sources 1

About this happening: France Titres confirmed a **security breach** on the **ANTS portal** that may have exposed **millions of users**, and a **database for sale** claim suggests the exposure could be...

Open Happening

AkzoNobel partial Anubis data leak

Data Leak
H score25 First: 04.03.2026 01:00 Last: 04.03.2026 01:00 Sources 1

About this happening: **AkzoNobel** faces a **partial data leak** after **Anubis ransomware** claimed it stole **170GB of data** and **almost 170,000 files**. The leak site posted **sample screenshots*...

Open Happening

ShellForce-affiliated leak site publishes stolen identity, corporate, and résumé records

Data Leak
H score22 First: 09.02.2026 23:14 Last: 09.02.2026 23:14 Sources 1

About this happening: A **ShellForce**-affiliated leak site is publicly posting **stolen identity records**, **corporate data**, and **résumé databases**, turning intrusions into immediate exposure ris...

Open Happening

Endesa and Energía XXI customer data leak after unauthorized access

Data Leak
H score26 First: 12.01.2026 17:57 Last: 12.01.2026 17:57 Sources 1

About this happening: **Endesa** and **Energía XXI** disclosed **unauthorized access** to their commercial platform that exposed **customer contract data** tied to energy accounts. The exposed records...

Open Happening

Timeline

  1. 17.06.2026 18:12 2 articles · 0h ago

    FortiBleed exposes Fortinet and FortiGate VPN credentials worldwide

    Initial Disclosure

    Bob Diachenko found a server containing apparent Fortinet VPN credentials, including usernames, email addresses, and plaintext passwords, and the FortiBleed dataset is described as exposing Fortinet and FortiGate VPN credentials for 73,932 firewall URLs at organizations worldwide. Hudson Rock later said the collection spans 194 countries and roughly 21,632 unique domains, while Kevin Beaumont said some of the credentials are authentic and that the data appears to have come from exported Fortinet configurations.

    Show sources
    Open in new tab