FortiBleed exposed how a Russian-speaking threat group quietly compromised around 75,000 Fortinet firewalls worldwide by abusing old credential leaks, infostealer logs, automated login testing, offline cracking, and compromised FortiGate devices. The campaign turned exposed firewalls into credential-harvesting nodes, creating a self-feeding access pipeline for future attacks and possible ransomware operations.
Internet accessible management interface of firewall. There sure is a bleed to this. Eyes of every security engineer bleeding at the absolute stupidity of such a decision.