{"id":216694,"date":"2026-02-21T09:49:00","date_gmt":"2026-02-21T14:49:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/21\/ai-assisted-threat-actor-compromises-600-fortigate-devices-in-55-countries\/"},"modified":"2026-02-23T16:40:08","modified_gmt":"2026-02-23T21:40:08","slug":"ai-assisted-threat-actor-compromises-600-fortigate-devices-in-55-countries","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/21\/ai-assisted-threat-actor-compromises-600-fortigate-devices-in-55-countries\/","title":{"rendered":"AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries"},"content":{"rendered":"<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/ai-assisted-threat-actor-compromises.html\">AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries<\/a><\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/ai-assisted-threat-actor-compromises.html\">https:\/\/thehackernews.com\/2026\/02\/ai-assisted-threat-actor-compromises.html<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-21 09:49:00<\/a><\/p>\n<p>Source Domain: <a href=\"thehackernews.com\">thehackernews.com<\/a><\/p>\n<p>A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries.<\/p>\n<p>That&#8217;s according to new findings from Amazon Threat Intelligence, which said it observed the activity between January 11 and February 18, 2026.<\/p>\n<p>&#8220;No exploitation of FortiGate vulnerabilities was observed\u2014instead, this campaign succeeded by exploiting exposed management ports and weak credentials with single-factor authentication, fundamental security gaps that AI helped an unsophisticated actor exploit at scale,&#8221; CJ Moses, Chief Information Security Officer (CISO) of Amazon Integrated Security, said in a report.<\/p>\n<p>The tech giant described the threat actor as having limited technical capabilities, a constraint they overcame by relying on multiple commercial generative AI tools to implement various phases of the attack cycle, such as tool development, attack planning, and command generation.<\/p>\n<p>While one AI tool served as the primary backbone of the operation, the attackers also relied on a second AI tool as a fallback to assist with pivoting within a specific compromised network. The names of the AI tools were not disclosed.<\/p>\n<p>The threat actor is assessed to be driven by financial gain and not associated with any advanced persistent threat (APT) with state-sponsored resources. As recently highlighted by Google, generative AI tools are being increasingly adopted by threat actors to scale and accelerate their operations, even if they don&#8217;t equip them with novel uses of the technology.<\/p>\n<p>If anything, the emergence of AI tools illustrates how capabilities that were once off-limits to novice or technically challenged threat actors are becoming increasingly feasible, further lowering the barrier to entry for cybercrime and enabling them to come up with comprehensive attack methodologies.<\/p>\n<p>&#8220;They are likely a financially motivated individual or small group who,&#8230;<\/p>\n<p><a href=\"https:\/\/thehackernews.com\/2026\/02\/ai-assisted-threat-actor-compromises.html\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries https:\/\/thehackernews.com\/2026\/02\/ai-assisted-threat-actor-compromises.html Publish Date: 2026-02-21 09:49:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":216695,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhJJ0OGjlNTnrjpx23D3iKXHFeEEDiGO2GRCI-o4SmtGRuXcl5S4rAcjOqOBrfuI1g8E_pj6UQjQP-R2qfAsV08Oukshw6Inq8fUK83I9sLd3LwnPyWazzaQ3yUghSA3UL0j-BNz0tn2dCEQsG3MpACZKSXoKnM6nhyphenhyphenf727_4S_f3L8EU3fxDc332_6Swkm\/s1600\/FortiGate.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,31,34],"class_list":["post-216694","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-exploit","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216694"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=216694"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216694\/revisions"}],"predecessor-version":[{"id":216696,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/216694\/revisions\/216696"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/216695"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=216694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=216694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=216694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}