Hackers published a list of 50,000 Fortinet VPN credentials stolen from vulnerable devices. A second data leak dumped sslvpn_websession files for every IP initially compromised.
Twitter hack report reveals that employees were tricked into visiting a phishing page that captured their VPN credentials, a technique that worked due to move to remote working during the pandemic.