FortiClient EMS Vulnerability Exploited to Distribute Infostealing Malware
Threat actors are actively leveraging a critical vulnerability, CVE-2026-35616, in FortiClient Enterprise Management Server (EMS). This flaw allows attackers to bypass API authentication and deploy an infostealer, which is disguised as a legitimate Fortinet endpoint update. The ongoing exploitation poses a significant risk to affected systems.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.