  • To be a member of the hashpwn community, you must read and follow all forum rules. Repeated violations of these rules will result in a ban.

    5 Topics
    6 Posts
    cyclone
    Terms of Service & Privacy Policy
    Effective Date: Aug 31, 2025

    Welcome to hashpwn.net (“we,” “our,” or “us”). By accessing or using hashpwn.net or any of its subdomains (collectively, the “Services”), you agree to comply with and be bound by these Terms of Service. This includes, but is not limited to, the forum and any Services we may provide under the hashpwn.net domain. If you do not agree, please discontinue use of the Services.

    1. Eligibility
    You must be at least 18 years old to register for or use any hashpwn.net Services. By using our Services, you represent that you meet this requirement.

    2. User Conduct
    When using any hashpwn.net Service, you agree not to:
      • Post, share, or request personally identifiable information (PII).
      • Share, request, or distribute illegally obtained data (e.g., combo lists, stolen data, etc).
      • Engage in hate speech, harassment, or unlawful activities.
      • Attempt to compromise, disrupt, or misuse any Service we provide.
      • Post, share, request, or link to any sexually explicit, pornographic, or sexually suggestive content.
    Our Services are intended for ethical cybersecurity research, discussion, and learning. Illegal activity is strictly prohibited.

    3. User Content
    You retain ownership of any content you post, upload, or submit to hashpwn.net Services. By submitting content, you grant hashpwn.net a non-exclusive, worldwide license to store, display, and distribute your content as necessary to operate and provide the Services. Requests for deletion of publicly posted content will be honored, except in rare cases where retention is required for legal, security, moderation, or administrative reasons (e.g., evidence of abuse). Account deletion and personal data removal requests will always be honored.

    4. Privacy & Data Collection
    We respect your privacy. We collect basic technical information such as IP address, cookies, browser type, and usage analytics. We use this information only for site functionality, security, and moderation. We may log usage data to maintain service quality. We do not sell, rent, or share your information with third parties for advertising or marketing purposes. Users may request removal of their personal data.

    5. Disclaimer of Warranties
    All Services provided by hashpwn.net are offered “as is” and without warranties of any kind, whether express or implied. We do not guarantee uptime, availability, or error-free operation for any Service. Use of hashpwn.net Services is at your own risk.

    6. Limitation of Liability
    To the fullest extent permitted by law, hashpwn.net, its owners, administrators, moderators, and affiliates are not liable for any damages arising from use of our Services, including but not limited to loss of data, downtime, security issues, or service interruptions.

    7. Termination
    We reserve the right to suspend, restrict, or terminate accounts or access to any hashpwn.net Service at our discretion for violations of these Terms or other reasons deemed necessary to protect the community and infrastructure.

    8. Changes to the Terms
    We may update these Terms at any time. Changes will be posted on this page with a new effective date. Continued use of our Services after updates are posted constitutes acceptance of the revised Terms.

    9. Contact
    For questions, concerns, or requests, please contact: @cyclone (Admin/Owner)
  • This section is dedicated to paid offers, services, and opportunities. Please adhere strictly to the forum rules when posting. All transactions and discussions must maintain a professional tone, and any violation of guidelines will result in penalties. Read the rules carefully before participating.
    https://forum.hashpwn.net/category/1/forum-rules-must-read

    You will need to be granted access status to participate in the Paid Section.

    13 Topics
    20 Posts
    No new posts.
  • 51 Topics
    362 Posts
    munarissa
    DD71B1FA9AF04D4C72C49018741CF8E2C5DF67CA
  • General discussions that don't fit in other categories. All topics must still follow forum rules.

    22 Topics
    200 Posts
    cyclone
    FortiBleed: The ongoing Fortinet Compromise Campaign

    [image: 1782402742745-fortibleed.png]

    Fortinet devices are once again in the spotlight, this time due to an ongoing large-scale compromise campaign being tracked as FortiBleed. This appears to be less of a single clean “one CVE explains everything” situation and more of a broader Fortinet edge-device compromise wave involving exposed management surfaces, credential theft, weak or reused passwords, and recently patched Fortinet issues.

    The most relevant confirmed vulnerability tied to the current Fortinet activity is CVE-2026-24858, an authentication bypass issue involving FortiCloud SSO. Fortinet says the flaw could allow an attacker with a FortiCloud account and registered device to authenticate into devices registered to other accounts when FortiCloud SSO was enabled. Fortinet also stated that the issue was exploited in the wild and that server-side mitigations were applied in late January before fixed software versions were released.

    For FortiGate/FortiOS, affected versions include:
      • FortiOS 7.6.0 through 7.6.5
      • FortiOS 7.4.0 through 7.4.10
      • FortiOS 7.2.0 through 7.2.12
      • FortiOS 7.0.0 through 7.0.18

    Fixed versions are:
      • FortiOS 7.6.6 or later
      • FortiOS 7.4.11 or later
      • FortiOS 7.2.13 or later
      • FortiOS 7.0.19 or later

    The broader FortiBleed campaign is being reported as active and large-scale, with researchers observing mass targeting of internet-facing Fortinet FortiGate devices across many countries. The activity reportedly includes extraction of FortiGate configuration files, credential reuse, brute forcing, and cracking of stored credential hashes from older or upgraded FortiOS deployments.

    One important detail is that this campaign may not be driven by CVE-2026-24858 alone. Some reports suggest attackers are abusing a mix of stolen credentials, exposed admin portals, weak authentication practices, and possibly recently patched Fortinet vulnerabilities. Fortinet’s own analysis also points heavily toward post-auth activity, account creation, configuration theft, and abuse of valid or compromised credentials.

    Observed post-compromise behavior includes:
      • Successful FortiCloud SSO administrative logins
      • Creation of local admin accounts such as audit, backup, itadmin, secadmin, or support
      • Export or theft of FortiGate configuration files
      • Reuse of credentials recovered from configs
      • Brute-force attempts against exposed services
      • Continued targeting of SSL VPN and management interfaces

    The config theft angle is especially important. FortiGate configs can contain sensitive operational data, VPN details, user/account references, LDAP/RADIUS settings, local users, firewall objects, and other information useful for follow-on compromise. Even if passwords are hashed, older FortiOS deployments or upgraded systems may still contain weaker stored password hashes unless admins have logged in again or passwords have been rotated.

    Admins should treat this as a compromise-assessment event, not just a normal patch cycle.

    Sources:
      • Fortinet PSIRT - CVE-2026-24858: https://fortiguard.fortinet.com/psirt/FG-IR-26-060
      • Fortinet analysis of SSO abuse on FortiOS: https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios
      • Arctic Wolf FortiBleed campaign writeup: https://arcticwolf.com/resources/blog/active-fortibleed-campaign-impacting-fortinet-devices-across-194-countries/
      • Kudelski Security FortiBleed research: https://kudelskisecurity.com/research/fortinet-fortibleed-global-compromise-active-exploitation-of-fortinet-vulnerabilities
  • Discuss useful tools related to hash cracking. Do not upload binaries or post links to malicious files.
    Follow Posting Template:
    https://forum.hashpwn.net/post/68

    55 Topics
    236 Posts
    cyclone
    @macflorek DM sent.
  • A collection of hashcat rules, wordlists, useful links to online services, and other resources related to hash cracking and password recovery.
    Follow Posting Template:
    https://forum.hashpwn.net/post/68

    32 Topics
    13k Posts
    hashpwn-bot
    Escrow ID# 89429 • Algorithm: MS Office 2010, -m 9500 • Total hashes: 1 • Price per hash: $1.0014 • Escrow URL: https://hashes.com/en/escrow/item/?id=89429 • Download hashes: 89429_9500.zip
  • Forum announcements, comments and feedback.

    5 Topics
    34 Posts
    cyclone
    Forum Update: Small Bug Fixed

    Thanks to one of our members who noticed something odd while browsing the forum using the German language setting. After a little digging, I found a bug in the Stats plugin default DE language config that caused a static domain to appear in the member statistics text:

    .../languages/de/board-stats.json
    {
      ...
      "registered-members": ... Mitglieder sind bei <em>schoenen-dunk.de</em> registriert.",
      ...
    }

    The German language file for the Stats plugin had a hard-coded URL in the default board-stats.json configuration. Because the plugin is installed through the official NodeBB plugin manager, this quirk affects all forums running the same Stats plugin, so I suspect schoenen-dunk{.}de will be enjoying some unexpected extra traffic until this is fixed in the upstream GitHub repo.

    The issue has now been corrected on our end and a PR submitted to NodeBB-Community so it can be corrected upstream.

    DE Stats plugin showing static URL: [image: 1773526802677-6bf3c079-4cc4-4b0a-93e9-81da6b7e5f55-image.jpeg]
    Upstream GitHub file: https://github.com/NodeBB-Community/nodebb-widget-board-stats/blob/master/public/languages/de/board-stats.json
    PR submitted by cyclone: https://github.com/NodeBB-Community/nodebb-widget-board-stats/pull/5

    Update: 2026/03/15 - GitHub PR#5 merged, upstream code fixed.