In late November and December 2024, Arctic Wolf observed evidence of a mass compromise of Fortinet FortiGate. While the initial attack vector was unknown at the time, evidence of compromise (with new users and SSL profiles) was consistent across compromised devices.
