Threat Actor Harvesting Other Credentials; Experts See Many More Scans for SSL-VPNs Discovery of the Fortinet credential-harvesting campaign tracked as "FortiBleed" appears to be the "tip of the iceberg" of edge device targeting, with honeypot telemetry revealing VPN and edge devices from Check Point, Cisco, Ivanti/Pulse, Palo Alto, OpenVPN and SonicWall also being top targets.