Hackers exploit FortiClient EMS flaw to push infostealer malware
Over Security - Cybersecurity news aggregator [Unofficial]
May 28, 2026
Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ.
Discussion in the ATmosphere