{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreichasiz2g3oxf4nyiajxnfpll7dhfbje3azd5q74sl6ggw7rmih3q",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mmwpna74ml72"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreih4b3lcdhi43dsr2v3ubve6nl5xrhuq5rft44qsmhmrrbfap7o7zq"
    },
    "mimeType": "image/jpeg",
    "size": 188181
  },
  "path": "/2026/05/threat-actors-exploit-critical.html",
  "publishedAt": "2026-05-28T15:26:04.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver credential-stealing malware.\n\n\"The campaign abused trusted endpoint management infrastructure to deliver malware across managed endpoints,\" Arctic Wolf said. \"Threat actors disguised the credential stealer payload as a Fortinet endpoint",
  "title": "Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer"
}