AI Models Automate Attacks Against FortiGate Devices
In early February 2026, security researchers reported hackers using commercial AI models DeepSeek and Anthropic's Claude to automate attacks exploiting FortiGate firewall misconfigurations. A misconfigured SimpleHTTP server on 212.11.64.250:9999 exposed more than 1,400 files and 139 subdirectories, including stolen FortiGate configurations, Active Directory maps and credential dumps. The campaign enables high-volume intrusions and credential-based lateral movement across affected networks.
Key Points
- 1Automate attacks using DeepSeek and Claude to scale exploitation of misconfigured FortiGate devices globally.
- 2Expose high value data: Misconfigured SimpleHTTP server leaked 1,400+ files and 139 subdirectories.
- 3Enable rapid compromise: Leaked FortiGate configurations and AD maps facilitate credential abuse and intrusion.
Scoring Rationale
Novel LLM-driven attack automation and broad FortiGate exposure increase impact, limited by single-source reporting and limited technical depth.
Sources
Public references used for this report.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problems
