Fortinet firewalls and VPN gateways have been targeted as part of a global campaign, with some indications of potential impact in the UK.
A database of credentials has been leaked by a threat actor following brute-force, dictionary and credential stuffing attempts against internet-facing FortiGate and VPN portals.
Credential stuffing is a method where attackers use passwords stolen from one web service to try to access accounts on other services, taking advantage of any reuse of username and password combinations.
