FortiBleed Credential Harvesting, AI Supply Chain Risks Dominate Threat Landscap
Summary
Today's threat landscape is defined by a convergence of large-scale credential harvesting and emerging AI supply chain risks. The FortiBleed campaign targeting FortiGate firewalls underscores the persistent threat from initial access brokers, while new research demonstrates how malicious AI agent skills can bypass security scanners entirely. Alongside these strategic threats, a high volume of alleged data breaches and leaks -- over 90 critical events -- continues to pressure sectors from government and finance to healthcare and education across multiple continents.
Today's developments
The most significant operational threat this morning is the FortiBleed campaign, a large-scale credential-harvesting operation targeting FortiGate firewalls. Industry researchers report that a Russian-speaking initial access broker (IAB) has been active since February 2026, targeting over 430,000 FortiGate devices globally. The operation involves collecting credential lists, brute-forcing exposed services, and deploying bespoke tools, with an alleged harvest of 110 million credentials. This campaign should be a priority for any organization running FortiGate appliances -- immediate validation of patch levels, credential rotation, and audit of exposed management interfaces are warranted.
Parallel to this, researchers at Unit 42 and AIR have highlighted a new vector: AI agent skill marketplace abuse. A fake skill pushed through a popular marketplace and an Instagram ad reportedly reached approximately 26,000 agents, including corporate accounts. Every security scanner tested against it marked the skill as safe. While the proof-of-concept payload was benign, the implication for supply chain risk is severe. Separately, OpenAI has released GPT-5.5-Cyber to trusted defenders as part of its Daybreak initiative, aiming to help patch software vulnerabilities at scale -- a defensive counterpoint to the offensive AI trend.
On the malware front, SentinelOne researchers detailed macOS.Gaslight, a Rust-based backdoor linked to DPRK threat actors. The implant embeds 38 fabricated system messages designed to spoof an LLM triage harness, effectively hiding a credential stealer and Telegram-based command-and-control. This represents a sophisticated evolution in macOS targeting, blending prompt injection with traditional backdoor functionality.
The volume of alleged data breaches and leaks remains high, with notable incidents including:
- Government sector: Alleged breaches of the French vehicle registration system, Cambodia's Ministry of Commerce, Mexico's RENAPO, and Germany's Bundesnachrichtendienst (BND). A leak of a German government document was also claimed.
- Financial services: Alleged breaches of Serasa (Brazil), FIB bank (Iraq), SmartBill (Romania), and multiple Czech banking institutions.
- Healthcare: Alleged breaches of the Fédération Hospitalière de France (France), Meducar HealthTech (Argentina), and SALVAR/SEDENA patient data (Mexico).
- Technology and services: Alleged breaches of TripAdvisor, Notion, Apollo.io, and Sysco (all US), as well as Solidatech (France) and Alpha IT (Norway).
- Education: Alleged breaches of Iddink Group (Netherlands/Spain/Belgium) and Instituto Michoacano de Ciencias de la Educación (Mexico).
Actor GFX666 was particularly active, claiming leaks against banking, education, and marketing entities across Europe. Actor cabyc alleged breaches against multiple Indian and Iraqi travel and hospitality platforms. Actor V0idix claimed leaks against US retail and construction firms.
Threat landscape signals
The event data reveals several actionable patterns. France is the second most targeted country today (19 events), with a concentration of government and healthcare targets, including the vehicle registration system and hospital federation. India (12 events) is heavily targeted by actor cabyc, focusing on travel and hospitality platforms. Israel and Thailand also appear in the top five victim countries, indicating a broad geographic spread.
Actor concentration is notable: 0xTeam-Network leads with 39 events, though many appear to be lower-severity initial access or defacement claims. MARKET FLAZZ and cabyc (11 events each) are driving a significant portion of the data breach volume. The GFX666 actor (8 events) is focused on European targets, particularly in banking and education.
The FortiBleed campaign and the AI agent skill marketplace research both point to a shift in initial access tactics. Defenders should prioritize reviewing exposed network appliances and scrutinizing third-party AI integrations. The DPRK-linked macOS backdoor also signals that macOS is no longer a low-priority platform for threat actors. Finally, the executive order setting a 2030 deadline for federal post-quantum cryptography migration provides a long-term planning signal for organizations in regulated sectors.