惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
WordPress大学
WordPress大学
GbyAI
GbyAI
T
Tailwind CSS Blog
Know Your Adversary
Know Your Adversary
小众软件
小众软件
Security Latest
Security Latest
博客园 - 聂微东
P
Privacy International News Feed
L
Lohrmann on Cybersecurity
爱范儿
爱范儿
云风的 BLOG
云风的 BLOG
阮一峰的网络日志
阮一峰的网络日志
C
Cyber Attacks, Cyber Crime and Cyber Security
博客园 - 叶小钗
Last Week in AI
Last Week in AI
The Register - Security
The Register - Security
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
AWS News Blog
AWS News Blog
L
LINUX DO - 热门话题
D
Darknet – Hacking Tools, Hacker News & Cyber Security
NISL@THU
NISL@THU
Spread Privacy
Spread Privacy
Google DeepMind News
Google DeepMind News
P
Palo Alto Networks Blog
S
Schneier on Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
T
The Exploit Database - CXSecurity.com
月光博客
月光博客
C
CERT Recently Published Vulnerability Notes
G
GRAHAM CLULEY
N
Netflix TechBlog - Medium
量子位
K
Kaspersky official blog
T
Threatpost
Latest news
Latest news
The Cloudflare Blog
MyScale Blog
MyScale Blog
C
Cisco Blogs
T
Tor Project blog
S
Securelist
Cisco Talos Blog
Cisco Talos Blog
The GitHub Blog
The GitHub Blog
A
Arctic Wolf
T
Threat Research - Cisco Blogs
H
Help Net Security
C
CXSECURITY Database RSS Feed - CXSecurity.com

TechCrunch

Robots beat human records at Beijing half-marathon Palantir posts mini-manifesto denouncing inclusivity and ‘regressive’ cultures TechCrunch Mobility: Uber enters its assetmaxxing era Cracks are starting to form on fusion energy’s funding boom Blue Origin successfully re-uses a New Glenn rocket for the first time ever Tesla brings its robotaxi service to Dallas and Houston VC Ron Conway says he has a ‘rare form of cancer’ AI chip startup Cerebras files for IPO Anthropic’s relationship with the Trump administration seems to be thawing The App Store is booming again, and AI may be why “Tokenmaxxing” is making developers less productive than they think Hackers are abusing unpatched Windows security flaws to hack into organizations Zoom teams up with World to verify humans in meetings Gigs turns your concert history into a personal live music archive Chef Robotics escaped the robot cooking graveyard and says it’s thriving — here’s why Uber will now pick up your returns from your doorstep Anthropic launches Claude Design, a new product for creating quick visuals Google’s AI Mode can now help you find products in stock nearby Bluesky confirms DDoS attack is cause of continued app outages Bluesky confirms DDoS attack is cause of continued app outages Netflix plans to add a vertical video feed, use AI for recommendations SaySo is a new short-form video app that aims to restore users’ trust in news Loop raises $95M to build supply chain AI that predicts disruptions Are we tokenmaxxing our way to nowhere? New leaders, new fund: Sequoia has raised $7B to expand its AI bets Netflix co-founder and chair Reed Hastings to leave board Upscale AI in talks to raise at $2B valuation, says report Physical Intelligence, a hot robotics startup, says its new robot brain can figure out tasks it was never taught From the Startup Battlefield stage to the International Space Station: geCKo Materials built a sticky product Slash, a Ramp competitor founded by teenagers, raises $100M at $1.4B valuation OpenAI takes aim at Anthropic with beefed-up Codex that gives it more power over your desktop European police email 75,000 people asking them to stop DDoS attacks Anthropic CPO leaves Figma’s board after reports he will offer a competing product Google now lets you explore the web side-by-side with AI Mode Two Americans sentenced for helping North Korea steal $5 million in fake IT worker scheme InsightFinder raises $15M to help companies figure out where AI agents go wrong AI traffic to US retailers rose 393% in Q1, and it’s boosting their revenue too Roblox’s AI assistant gets new agentic tools to plan, build, and test games Google adds Nano Banana-powered image generation to Gemini’s Personal Intelligence Google is now targeting bad ads over bad actors You’ve heard of hybrid cars. Now meet a hybrid cement plant. Runway CEO says AI could help Hollywood make 50 films instead of one $100M blockbuster Meta raises Quest 3 and Quest 3S prices due to RAM shortage Canva’s AI assistant can now call various tools to make designs for you Fashion retailer Express left customers’ personal data and order details exposed to the internet This simulation startup wants to be the Cursor for physical AI DeepL, known for text translation, now wants to translate your voice Amazon-backed X-energy files to raise up to $800M in IPO Ford EV and tech chief leaving automaker Wait, could they still actually break up Live Nation? Monarch Tractor’s collapse ends with an acquisition by Caterpillar OpenAI updates its Agents SDK to help enterprises build safer, more capable agents Hightouch reaches $100M ARR fueled by marketing tools powered by AI LinkedIn data shows AI isn’t to blame for hiring decline… yet Feds will require data centers to show their power bills AI learning app Gizmo levels up with 13M users and a $22M investment Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Google rolls out a native Gemini app for Mac This Khosla-backed autonomous pod startup just raised $170M — now it’s aiming for more Accel raises $5B to back late-stage bets India’s vibe-coding startup Emergent enters OpenClaw-like AI agent space Anthropic shrugs off VC funding offers valuing it at $800B+, for now Motorola sues social platforms and creators over posts, raising speech concerns in India Airwallex is about to take on Stripe and the rest of the payments industry — in the physical world After sale of its shoe business, Allbirds pivots to AI Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant Vercel CEO Guillermo Rauch signals IPO readiness as AI agents fuel revenue surge Hack at Anodot leaves over a dozen breached companies facing extortion The largest orbital compute cluster is open for business Trump officials may be encouraging banks to test Anthropic’s Mythos model Apple reportedly testing four designs for upcoming smart glasses X says it’s reducing payments to clickbait accounts TechCrunch Mobility: Who is poaching all the self-driving vehicle talent? From LLMs to hallucinations, here’s a simple guide to common AI terms At the HumanX conference, everyone was talking about Claude Slate Auto: Everything you need to know about the Bezos-backed EV startup Walmart-owned Flipkart, Amazon are squeezing India’s quick-commerce startups Kalshi wins temporary pause in Arizona criminal case AMC will stream ‘The Audacity’ premiere in 21 parts on TikTok Sam Altman responds to ‘incendiary’ New Yorker article after attack on his home Nvidia-backed SiFive hits $3.65B valuation for open AI chips NASA Artemis II splashes down in Pacific Ocean in ‘perfect’ landing for moon mission How to watch NASA’s Artemis II splash back down to Earth TechCrunch is heading to Tokyo — and bringing the Startup Battlefield with it France to ditch Windows for Linux to reduce reliance on US tech YouTube Premium and YouTube Music are getting more expensive Every fusion startup that has raised over $100M Last 24 hours: Save up to $500 on your TechCrunch Disrupt 2026 pass PSA: If you use the Meta AI app, your friends will find out and it will be embarrassing Anthropic temporarily banned OpenClaw’s creator from accessing Claude Snap gets closer to releasing new AI glasses after years-long hiatus Stalking victim sues OpenAI, claims ChatGPT fueled her abuser’s delusions and ignored her warnings Florida AG to probe OpenAI, alleging possible connection to FSU shooting ChatGPT finally offers $100/month Pro plan EFF is the latest organization to leave X What founders can learn from Anjuna’s layoffs and recovery Volkswagen drops all-electric ID.4 in the US in pivot back to gas SUVs Florida AG announces investigation into OpenAI over shooting that allegedly involved ChatGPT StubHub to pay $10M to settle FTC allegations over ‘deceptive’ ticket pricing After data breach, $10B-valued startup Mercor is having a month
Cybercriminals allegedly hacked tens of thousands of Fortinet firewalls used by major companies all over the world | TechCrunch
Lorenzo Franceschi-Bicchierai · 2026-06-18 · via TechCrunch

Cybercriminals have compromised tens of thousands of Fortinet firewalls and VPNs used by major companies all over the world, according to two cybersecurity firms.

The widespread hacking campaign, which is ongoing and has been dubbed FortiBleed, appears to not involve abusing any unknown vulnerability in the targeted devices, but rather on a more basic issue: Companies may not be changing passwords to the firewall, nor making sure that the credentials they use for sensitive systems exposed on the internet are not already known by hackers. 

In this campaign, hackers are first using automated tools to scan the internet for exposed Fortinet firewalls and VPNs. Then, they are breaking into the devices thanks to lists of previously known passwords. At that point, the cybercriminals can steal more sensitive data from the victim companies, cybersecurity firms Hudson Rock and SOCRadar wrote in their reports that they published this week.

“Once a device is compromised, [the hackers] use it as a listening post, monitoring traffic passing through and collecting any additional credentials that flow by. Those freshly collected passwords are then fed back into the scanner to compromise even more devices. The system feeds itself,” SOCRadar wrote. 

Hudson Rock said they found evidence that suggests more than 73,000 unique Fortinet URLs have been hacked, while SOCRadar said the total of hacked devices is more than 30,000. 

According to Hudson Rock, the hacked companies include: Accenture, Comcast, Foxconn, Lenovo, Oracle, Samsung, Siemens, and PwC.  

A Lenovo spokesperson acknowledged receipt of TechCrunch’s request for comment but did not respond. None of the other companies responded to a request for comment. 

According to both Hudson Rock and SOCRadar, the countries with the most affected devices are India, the United States, Taiwan, and Mexico. But both companies say there are victims all over the world. As for industries, the most affected ones are IT services, construction materials, and telecommunications, according to Hudson Rock. Government agencies are also among the victims, per SOCRadar. Both cybersecurity companies said the group behind the hacking campaign appears to be Russian-speaking. 

Fortinet did not respond to a request for comment.

Hudson Rock and SOCRadar’s reports are based on the discovery of a list of credentials for Fortinet devices and associated companies. This hacking campaign was first reported by security researcher Bob Diachenko over the weekend. Independent cybersecurity researcher Kevin Beaumont said in a blog post on Wednesday that he analyzed the data and confirmed the data “is legit.”

In recent years, several hacking campaigns have targeted and compromised Fortinet devices, usually abusing vulnerabilities in those systems. Instead, in this case, the hackers are relying on leaked passwords, a simpler and less sophisticated attack.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Lorenzo Franceschi-Bicchierai is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance, and privacy.

You can contact or verify outreach from Lorenzo by emailing lorenzo@techcrunch.com, via encrypted message at +1 917 257 1382 on Signal, and @lorenzofb on Keybase/Telegram.

View Bio