In a twist that has cybersecurity pros shaking their heads in amused disbelief, FortiGate devices have officially joined the ranks of Things-That-Shouldn’t-Need-Cybersecurity-Training but evidently do. Yes, those Next-Generation Firewall (NGFW) appliances, much like teenagers with driver’s licenses, have found themselves at the center of yet another breach fiasco, as hackers gleefully exploit vulnerabilities to play a devastating game of “Whoops, There Go Your Credentials.”

Experts, who’ve had to upgrade their facepalm techniques, report that these bad actors are zeroing in on FortiGate’s weaknesses faster than tech support answering a call for free doughnuts. The intruders are joyriding through victim networks, extracting configuration files like it’s a pre-Christmas sale at the cybersecurity mall. And guess what’s in those file stockings? Oh, just some service account credentials and network topologies, the digital equivalent of finding out Santa’s secret location.

Meanwhile, FortiGate devices—who really should have seen this coming—can’t help but feel a little exposed. They’re like digital fortresses with a misplaced access code under the doormat. Security teams worldwide are now left patching vulnerabilities and issuing stern warnings about the dangers of weak credentials, all while wondering if they should start offering complimentary therapy for overwhelmed IT professionals.