New Campaign Attempts to Exploit FortiGate Next-Generation Firewall

Cybersecurity researchers warn about a new campaign where attackers are attempting to gain entry into networks through the Next-Generation Firewall. Threat actors linked to this campaign are working to obtain configuration files that contain credentials and topology data. These next-generation firewalls are used in enterprise, healthcare, and government and the campaign is targeting vulnerable firewalls. With attacks starting back in November of 2025, this campaign is still active. As a response, companies are attempting to patch vulnerabilities and improving security posture.