Fortinet FortiGate devices face a two-front assault this week: the active FortiBleed credential harvesting campaign has compromised an estimated 30,000 to 75,000 devices across 194 countries through exposed management interfaces, while the SharkLoader espionage campaign chains CVE-2024-21762 and CVE-2022-40684 as initial access vectors against government and diplomatic targets. The combination of mass credential theft sold on criminal forums and targeted nation-state exploitation makes Fortinet the highest operational priority this week for any organization with internet-facing FortiGate infrastructure.