IT News Roundup: Fortinet Breach, NGINX Vulnerabilities, AI IPOs - June 23

The past few days have seen significant developments across cybersecurity infrastructure, open source software, and artificial intelligence. A major campaign targeting Fortinet firewalls exposed tens of thousands of credentials, critical flaws were found in NGINX Open Source, Anthropic moved closer to a public listing, and law enforcement dismantled a widespread malware distribution network.

FortiBleed: Over 74,000 Fortinet Firewall Credentials Exposed

A major hack campaign targeting Fortinet firewall devices has compromised prominent organizations worldwide, with over 86,000 devices affected as of mid-June. The incident, dubbed "FortiBleed," resulted in the exposure of approximately 74,000 firewall credentials that were leaked online.

According to data from SOCRadar, generic admin accounts account for 35% of compromised credentials, while built-in Fortinet system accounts make up another 28.3%. The campaign has been ongoing and has targeted organizations across multiple sectors, raising serious concerns about the security posture of network perimeter defenses.

Fortinet has released patches addressing the vulnerabilities exploited in this campaign. Organizations running FortiGate firewalls are urged to update immediately and rotate all administrative credentials as a precautionary measure. The incident underscores the critical importance of changing default credentials and maintaining regular patch cycles on security infrastructure.

Source: The Hacker News, Help Net Security

F5 Patches Critical NGINX Open Source Vulnerabilities Allowing Remote Code Execution

F5 has released security updates addressing two critical vulnerabilities in NGINX Open Source that could be exploited to achieve remote code execution on affected systems. The flaws, tracked as CVE-2026 entries, represent a significant risk given the widespread deployment of NGINX across web infrastructure worldwide.

The vulnerabilities affect core components of the open source version of NGINX and can potentially allow attackers to execute arbitrary code on servers running unpatched versions. Given that NGINX powers a substantial portion of the internet's web traffic, the impact of these flaws could be far-reaching if exploited in the wild.

F5 recommends all users of NGINX Open Source upgrade to the latest patched version immediately. System administrators should audit their deployments and verify that no instances are running vulnerable versions. The patches are available through standard update channels for both community and enterprise distributions.

Source: The Hacker News

Anthropic Files Confidential S-1, Setting IPO Clock in Motion

AI safety-focused company Anthropic has submitted a confidential S-1 filing with the U.S. Securities and Exchange Commission, officially starting the clock on its initial public offering process. The move marks a significant milestone for one of the leading competitors to OpenAI in the generative AI space.

The confidential filing allows Anthropic to begin preparing for its public listing while keeping financial details private during the review period. This approach is common among tech companies seeking to balance regulatory compliance with competitive sensitivity, particularly in the fast-moving AI sector where valuation dynamics shift rapidly.

Anthropic has positioned itself as a leader in constitutional AI and responsible development practices, differentiating its brand from competitors. The company's Claude models have gained significant traction in enterprise markets, and the IPO could provide capital to accelerate research and infrastructure investments amid intensifying competition.

Source: IMFounder, AI Insiders News

Alphabet Announces $80 Billion AI Infrastructure Funding Plan

Alphabet has announced an ambitious $80 billion funding plan dedicated to expanding its artificial intelligence compute infrastructure. The investment represents one of the largest single commitments to AI infrastructure by any technology company and signals Google's determination to maintain its competitive edge in the rapidly evolving AI landscape.

The funding will support data center construction, GPU and TPU procurement, networking upgrades, and energy infrastructure required to power large-scale AI training and inference workloads. Alphabet has been expanding its cloud computing division aggressively, and this investment is expected to strengthen Google Cloud's position as an AI-first platform for enterprise customers.

The announcement comes amid a broader industry trend of hyperscalers pouring hundreds of billions into AI infrastructure. Industry analysts estimate that major tech firms collectively plan to invest approximately $650 billion in AI-related infrastructure throughout 2026, reshaping data center markets and semiconductor supply chains globally.

Source: IMFounder, Cloud Computing News

SocGholish Malware Network Dismantled in Major Law Enforcement Operation

In a significant law enforcement operation, authorities have taken down 106 servers associated with the SocGholish malware distribution network and cleaned over 15,000 compromised websites. The operation represents one of the largest coordinated takedowns of this persistent web-based threat.

SocGholish has been a long-standing menace in the cybersecurity landscape, using compromised WordPress sites and other web properties to distribute malicious payloads including ransomware, cryptominers, and remote access trojans. The malware typically exploits vulnerabilities in content management systems or leverages weak credentials to gain initial access.

The takedown involved international law enforcement cooperation and highlights the ongoing effort to disrupt cybercriminal infrastructure at scale. Security researchers recommend that website administrators audit their sites for signs of compromise, ensure all CMS platforms are updated, and implement strong authentication mechanisms to prevent reinfection.

Source: Help Net Security

Open Source Vulnerabilities Double Per Codebase, Black Duck Report Finds

The 2026 Open Source Software Risk Analysis (OSSRA) report from Black Duck reveals that the average number of open source vulnerabilities per codebase has doubled to 581. The report found that 87% of codebases are at risk and 65% have been directly hit by attacks, highlighting a growing crisis in software supply chain security.

The surge in vulnerability counts correlates with the explosion of AI-assisted coding tools, which have dramatically increased the volume of open source dependencies being incorporated into applications. While these tools accelerate development, they also introduce more third-party components that require ongoing security monitoring and patch management.

The report emphasizes that automated dependency scanning and continuous vulnerability monitoring are no longer optional for most development teams. Organizations need to implement robust Software Bill of Materials (SBOM) processes and establish clear remediation workflows to manage the growing attack surface presented by open source dependencies.

Source: Black Duck Blog

Ransomware Attacks Surge 48% in May, Education Sector Most Targeted

Check Point Research reported that ransomware attacks surged by 48% during May 2026 compared to the previous period. While overall cyberattacks showed some easing, ransomware specifically continued its aggressive trajectory, with the education sector emerging as the most heavily targeted industry.

Schools and universities face particular vulnerability due to limited cybersecurity budgets, complex network environments, and the high value of student and research data. Attackers have increasingly recognized that educational institutions often lack the mature security controls found in corporate or government environments, making them attractive targets for ransomware operations.

The report also noted that AI is being leveraged by threat actors to accelerate attack campaigns, automate vulnerability discovery, and craft more convincing phishing lures. Security teams are advised to implement layered defenses including email filtering, endpoint detection and response, regular backup verification, and security awareness training tailored to the education environment.

Source: World Economic Forum, Check Point Research