AI-augmented threat actor accesses FortiGate devices at scale | Amazon Web Services - Amazon Web Services

An AI-augmented threat actor compromised over 600 FortiGate devices globally by exploiting exposed management ports and weak credentials with single-factor authentication, not specific software vulnerabilities. This led to widespread internal network compromise, Active Directory credential harvesting via DCSync attacks, and targeting of backup infrastructure for potential ransomware deployment.