A new threat actor has leaked configuration files and virtual private network (VPN) information for 15,000 firewall devices provided by security vendor Fortinet. On January 15, Kevin Beaumont, an ...
FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.
Morning Overview on MSN
The Fortinet hole, rated 9.1, lets an unauthenticated attacker run commands through a single crafted request, and a full patch is still pending
Organizations running Fortinet FortiWeb, the company’s web application firewall, face an immediate threat: a single crafted ...
A threat actor has been compromising Fortinet firewalls through single sign-on (SSO) logins over the past week, raising the specter that a previously disclosed and mitigated authentication bypass ...
Morning Overview on MSN
Hackers just hid their password-stealer inside fake Fortinet security updates — walking off with saved Chrome and Firefox logins from enterprise computers world…
A credential-stealing Trojan disguised as a routine Fortinet security patch has been hitting enterprise networks, quietly ...
Network administrators with Fortinet’s FortiGate next generation firewall in their IT environments are being warned to thoroughly scrutinize systems for possible compromise, following last week’s dump ...
Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...
A zero-day flaw is likely to blame for a series of recent attacks on Fortinet FortiGate firewall devices that have management interfaces exposed on the public Internet. Attackers are targeting the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results