Fortinet customers are facing a new wave of attacks after a critical flaw in FortiClient Endpoint Management Server (EMS) was exploited to push a fake Fortinet patch that secretly installs credential‑stealing malware. The vulnerability, tracked as CVE‑2026‑35616, allows unauthenticated attackers to bypass FortiClient EMS API authentication and issue privileged requests, effectively turning the management server […]

The post FortiClient Code Execution Flaw Exploited to Deploy EKZ Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/forticlient-code-execution-flaw/