FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions.

“An operator tied to FortiBleed’s infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deployment

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites

Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites Dutch law enforcement authorities, along with counterparts from Canada , Germany, and the U.S., have disrupted malicious infrastructure associated with SocGholish

Attack Update: Top 5 Attack-IPs auf doode.info – 14.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 45.94.31.103 — 1008 requests (recent log) 18.206.35.90 — 479 requests (recent log) 34.50.28.253 — 416 requests (recent

Attack Update: Top 5 Attack-IPs auf doode.info – 25.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 480 requests (recent log) 34.19.254.142 — 464 requests (recent log) 216.73.217.55 — 313 requests (recent