over 73,000 fortinet device credentials were stolen and exposed in the fortibleed campaign, using a custom tool planted on compromised firewalls to sniff vpn logins; the infrastructure links to the lynx and inc ransomware operations. in the same window, dhs confirmed an unattributed breach of its homeland security information network, the platform federal, state, and local agencies use to share sensitive information. edge-device credential harvesting at this scale plus a breach of the government's own sharing network is a bad combination of upstream compromises.