Skip to main content
Login
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

AWS Says 600+ FortiGate Firewalls Hit in AI-Augmented Attack

A financially motivated Russian-speaking actor used AI tools to breach over 600 FortiGate firewalls in 55+ countries, exploiting weak credentials and exposed ports, AWS said.

  • On Feb. 20, Amazon Web Services reported compromises of more than 600 FortiGate firewalls between Jan. 11 and Feb. 18 affecting internet-exposed devices globally.
  • By scanning internet‑exposed FortiGate management interfaces, the financially motivated actor exploited weak single‑factor authentication, relying on opportunistic targeting rather than product vulnerabilities.
  • Investigators found multiple commercial generative AI services were in use, including two different AI tools, with AI-assisted Python scripts and AI-generated planning artifacts on compromised hosts.
  • Attackers stole configuration files containing administrator and VPN credentials, then moved into Active Directory environments and targeted backup systems including Veeam servers, raising downstream and ransomware risks to managed service providers.
  • AWS warned organisations running FortiGate appliances to avoid exposing management interfaces, change default credentials, enforce MFA, and isolate backups, citing increasing AI‑augmented cybercrime.
Insights by Ground AI

13 Articles

Tech RadarTech Radar
Center

Russian hacker uses multiple AI tools to break hundreds of firewalls

A low-skilled threat actor was able to do a lot with the help of AI, Amazon researchers warn.

·United Kingdom
Read Full Article
The RegisterThe Register
Center

AWS says 600+ FortiGate firewalls hit in AI-augmented attack

: Off-the-shelf tools helped Russian-speaking cybercrime group run riot

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

AI helps novice threat actor compromise FortiGate devices in dozens of countries

Generative AI tools analyzed target networks and wrote exploit code, giving an opportunistic attacker an outsized impact, according to a new Amazon report.

Read Full Article
Silicon RepublicSilicon Republic
Center

Hacker used commercial AI to breach 600 firewalls, AWS reveals

AWS describes the campaign as an 'AI-powered assembly line for cybercrime’. Read more: Hacker used commercial AI to breach 600 firewalls, AWS reveals

Read Full Article
cybernoz.comcybernoz.com

Low-Skill Hacker Used AI Tools to Breach FortiGate Devices Globally - Cybernoz - Cybersecurity News

A recent investigation has uncovered a new breed of cybercriminal- the AI-augmented attacker. A Russian-speaking individual, despite having limited technical skills, managed to infiltrate over 600 FortiGate security devices across 55 countries in just over a month. According to findings from Amazon Threat Intelligence, this campaign ran from 11 January to 18 February 2026, and wasn’t the work of a genius. Instead, the attacker used commercial AI…

Read Full Article
CSO OnlineCSO Online

Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon

A Russian-speaking threat actor is using commercial generative AI services to compromise hundreds of Fortinet Fortigate firewalls, warns Amazon Threat Intelligence. Once on the network, the hackers successfully compromised Active Directory at hundreds of organizations, extracted complete credential databases, and targeted backup infrastructure — a potential precursor to ransomware deployment, the report adds. The report, by CJ Moses, CISO of Ama…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality Info Icon

To view factuality data please Upgrade to Premium

Ownership

Info Icon

To view ownership data please Upgrade to Vantage

Security Boulevard broke the news in on Monday, February 23, 2026.
Too Big Arrow Icon
Sources are mostly out of (0)

Similar News Topics

Artificial Intelligence icon

Artificial Intelligence

Amazon icon

Amazon

Software icon

Software

Technology icon

Technology

Cybercrimes icon

Cybercrimes

Amazon Web Services (AWS) icon

Amazon Web Services (AWS)

Big Tech and Platforms icon

Big Tech and Platforms

News
Feed Dots Icon
For You
Search Icon
SearchBlindspot LogoBlindspotLocal