Hacker cracks 600 firewalls in one month - with AI [DE]
Summary
A Russian-speaking hacker compromised over 600 Fortigate firewalls between January and February 2026. The attacker initially exploited weak passwords and then used an AI tool based on Google Gemini to access more devices within the same network.
IFF Assessment
FOE
Attackers are leveraging AI to expand their reach after initial compromises, making them more effective.
Defender Context
This highlights the importance of strong passwords and multi-factor authentication (MFA) in securing networks. Defenders should monitor for unusual network activity and ensure systems are patched and hardened to prevent exploitation. The use of AI by attackers for reconnaissance and lateral movement emphasizes the need for advanced threat detection capabilities.