A newly observed campaign abused trusted endpoint management infrastructure to deploy a credential stealer across managed enterprise devices silently. In May 2026, Arctic Wolf uncovered an active exploitation campaign targeting organizations running FortiClient Endpoint Management Server (EMS). Threat actors leveraged CVE-2026-35616, an improper access control vulnerability, to bypass API authentication and hijack legitimate administrative workflows, ultimately […]
The post FortiClient Flaw Exploited to Deploy EKZ Malware Attacks appeared first on Cyber Security News.