Fortinet FortiClient EMS
-
Threat actors abuse patched FortiClient EMS flaw to push credential stealer
Threat actors are exploiting a patched FortiClient EMS flaw to push a credential stealer disguised as a Fortinet update, according to a technical analysis from Arctic Wolf. The campaign affects managed endpoints and can expose browser data, cookies and saved credentials.
-
CISA adds six exploited flaws to Known Exploited Vulnerabilities catalog
CISA added six vulnerabilities to its Known Exploited Vulnerabilities catalog after evidence of active exploitation, including flaws in Fortinet, Adobe and Microsoft products. Federal agencies face April 27, 2026 deadlines for most fixes.
