FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

The cybersecurity vendor released an emergency patch over the weekend to address the flaw in FortiClient Enterprise Management Server (EMS). Fortinet disclosed that it has observed exploitation of a ...

Fortinet deployed an emergency patch for yet another zero-day vulnerability that has been exploited in the wild. On Saturday, Fortinet disclosed CVE-2026-35616, which it described as an improper ...

The company — whose recent vulnerabilities have been hit with zero-day and n-day exploits — also released three patches for flaws in FortiOS and FortiAP.

Fortinet warns of a critical FortiClient EMS zero-day vulnerability that is currently being exploited, allowing attackers to bypass authentication and execute commands. Fortinet disclosed a critical ...

FortiClient VPN is the best way for employees to access on-campus services while working remotely. The FortiClient VPN software allows an off-campus Luther workstation to access the Luther College ...

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused. Tracked as CVE-2026-21643, this SQL injection ...