Threat Actors Use Generative AI to Compromise FortiGate

On Feb. 20, 2026, Amazon Threat Intelligence reported that a Russian-speaking, financially motivated actor used multiple commercial generative AI services to compromise more than 600 FortiGate devices across over 55 countries. The investigation shows commoditized AI-assisted tooling enables unsophisticated actors to scale intrusions against network devices. The report advises organizations to prioritize FortiGate patching, credential hygiene, and enhanced monitoring for AI-driven attack patterns.