Researchers and Vendor Both Cite Previously Leaked Credentials, Brute-Force Attacks The FortiBleed campaign harvesting and selling working credentials for 80,000 Fortinet firewalls and SSL-VPN gateways doesn't appear to tie to a zero-day exploit, but rather attackers reusing leaked credentials or brute-forcing systems with weak password hygiene, the vendor and experts said.