FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

Jul 02, 2026 - 12:00
FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions. "An operator tied to FortiBleed's infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deployment