Malware5 min read
FortiClient EMS Exploited to Push Fake Patch That Steals Credentials
Attackers weaponize CVE-2026-35616 to deploy EKZ infostealer via FortiClient EMS management features. Fake Fortinet patch harvests browser passwords and cookies.
James RiveraMay 28, 2026