Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. [...]
The continuous discovery and exploitation of critical vulnerabilities in widely used enterprise software highlight an ongoing struggle between security providers and sophisticated threat actors.
This incident underscores the persistent and evolving threat of supply chain attacks targeting critical infrastructure and data, impacting enterprise security and data integrity.
Enterprises using FortiClient EMS are now at heightened risk, requiring immediate patching and increased scrutiny of their network perimeters and endpoint security.
- · Cybersecurity intelligence firms
- · Security consultants
- · Endpoint Detection and Response (EDR) providers
- · Fortinet (vendor)
- · Organizations using vulnerable FortiClient EMS
- · End-users whose credentials are stolen
Immediate patching and increased cybersecurity spending among affected organizations.
Heightened scrutiny and calls for improved security-by-design from vendors of critical enterprise software.
Potential for new regulations or industry standards for software supply chain security and vulnerability disclosure.
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at BleepingComputer