FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
The Hacker News | #1 Trusted Source for Cybersecurity News [Uno…
July 2, 2026
The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-on intrusions.
"An operator tied to FortiBleed's infrastructure was found actively working negotiation panels for both groups, tying mass FortiGate credential theft directly to ransomware deployment
Discussion in the ATmosphere