Critical FortiClient EMS Vulnerability Exploited in Fresh Attacks

“The application does not possess network-based credentials exfiltration capabilities; instead, it exports credentials from supported browsers to an output log file. Run without arguments, it provides command-line usage details,” Arctic Wolf notes.Organizations are advised to apply Fortinet’s patches for CVE-2026-35616 as soon as possible. The security defect was added to CISA’s Known Exploited Vulnerabilities (KEV) list on April 6.Related:CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-DayRelated:Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell DeploymentRelated:Ghost CMS Vulnerability Exploited to Hack Over 700 WebsitesRelated:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Organizations are advised to apply Fortinet’s patches for CVE-2026-35616 as soon as possible. The security defect was added to CISA’s Known Exploited Vulnerabilities (KEV) list on April 6.Related:CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-DayRelated:Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell DeploymentRelated:Ghost CMS Vulnerability Exploited to Hack Over 700 WebsitesRelated:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Related:CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-DayRelated:Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell DeploymentRelated:Ghost CMS Vulnerability Exploited to Hack Over 700 WebsitesRelated:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Related:Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell DeploymentRelated:Ghost CMS Vulnerability Exploited to Hack Over 700 WebsitesRelated:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Related:Ghost CMS Vulnerability Exploited to Hack Over 700 WebsitesRelated:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Related:TrendAI Patches Apex One Zero-Day Exploited in the Wild

Ionut Arghire is an international correspondent for SecurityWeek.

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.

Joe Chen has become Chief Technology Officer at Trellix.

Source: SecurityWeek