the fortibleed campaign — a credential-harvesting operation against more than 430,000 fortigate firewalls in 150 countries — has now been linked to deployment of inc and lynx ransomware, meaning stolen credentials are actively feeding follow-on intrusions. separately, researchers claim the first ransomware attack run start to finish by an ai agent, with a language model handling break-in, theft and extortion. the intrusion pipeline is industrializing at both the scale end and the automation end simultaneously.