Cyber Security

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

New infostealer reaches enterprise devices through FortiClient EMS vulnerability

Attackers are delivering a broad-spectrum infostealer to enterprise computers by exploiting a known vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS). “The [malicious] payload was presented as a Fortinet endpoint update and executed through FortiClient-managed VPN scripting workflows,” Arctic Wold researchers noted. About CVE-2026-35616 CVE-2026-35616 is an improper access control vulnerability vulnerability in FortiClient EMS, a centralized management platform through which IT admins deploy, configure, and monitor FortiClient endpoint security software across all devices in … More

The post New infostealer reaches enterprise devices through FortiClient EMS vulnerability appeared first on Help Net Security.

Read More

Related Posts

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor...

'The Com' Cyberattacks Support Violence & Sexploitation

'The Com' Cyberattacks Support Violence & Sexploita...

New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

New Russian-Linked GREYVIBE Targets Ukraine with AI-Pow...

Claroty targets cyber-physical system risks with AI-powered security agent

Claroty targets cyber-physical system risks with AI-pow...

Asia's Cyber Insurance Market Shows Signs of Life

Asia's Cyber Insurance Market Shows Signs of Life

The behavioral signals that sharpen Trojan malware detection

The behavioral signals that sharpen Trojan malware dete...