Infostealer Malware Exploits FortiClient EMS Vulnerability
A new infostealer is actively targeting enterprise systems by leveraging an improper access control vulnerability, CVE-2026-35616, in FortiClient Enterprise Management Server (EMS). This exploit allows attackers to bypass authentication and authorization, deploying malicious payloads disguised as legitimate updates. The malware is executed through FortiClient's VPN scripting workflows, posing a significant threat to corporate networks.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.