Tag: exploit
-
FortiClientEMS Vulnerabilities Under Active Exploitation, Expose Systems to RCE
A newly disclosed set of vulnerabilities affecting Fortinet’s endpoint management platform has raised serious concerns among cybersecurity professionals, particularly as both flaws are already being actively exploited. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/forticlientems-flaws-under-active-exploitation/
-
CISA Alerts Defenders to Actively Exploited Fortinet Zero-Day Vulnerability
Tags: cisa, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, threat, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability in Fortinet products. The agency officially added the flaw to its Known Exploited Vulnerabilities (KEV) catalog on April 6, 2026, indicating that threat actors are actively exploiting it in the wild. The CISA KEV catalog serves as a…
-
Fortinet customers confront actively exploited zero-day, with a full patch still pending
Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix. First seen on cyberscoop.com Jump to article: cyberscoop.com/fortinet-forticlient-ems-zero-day-cve-2026-35616-hotfix-known-exploited/
-
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
-
Fortinet Issues Emergency Patch for FortiClient Zero-Day
The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/fortinet-emergency-patch-forticlient-zero-day
-
prompted 2026 Agents Exploiting >>Auth-By-One<< Errors
Author, Creator & Presenter: Brendan Dolan-Gavitt, AI Researcher, XBOW & Vincent Olesen, AI Researcher, XBOW Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’) YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-agents-exploiting-auth-by-one-errors/
-
Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit
Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/disgruntled-researcher-leaks-bluehammer-windows-zero-day-exploit/
-
Attackers exploited this critical FortiClient EMS bug as a 0-day
CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild First seen on theregister.com Jump to article: www.theregister.com/2026/04/06/forticlient_ems_bug_exploited/
-
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
Exploitation has been observed for CVE-2026-35616, a critical improper access control zero-day vulnerability affecting Fortinet FortiClientEMS devices. Key takeaways: CVE-2026-35616, an improper access control vulnerability, has been exploited in the wild as a zero-day. Public exploit code has been identified and Fortinet products have a long history of targeting by malicious actors. Hotfixes have been…
-
Missile Alert Phishing Exploits IranIsrael Conflict for Microsoft Logins
New Phishing scam uses fake missile alerts and the ongoing conflict involving Iran to target users with QR codes and fake government emails to steal Microsoft passwords. First seen on hackread.com Jump to article: hackread.com/missile-alert-phishing-iran-us-israel-microsoft-logins/
-
Microsoft links Medusa ransomware affiliate to zero-day attacks
Microsoft says that Storm-1175, a China-based financially motivated cybercriminal group known for deploying Medusa ransomware payloads, has been deploying n-day and zero-day exploits in high-velocity attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-links-medusa-ransomware-affiliate-to-zero-day-attacks/
-
Automated Credential Harvesting Campaign Exploits React2Shell Flaw
An emerging threat cluster tracked as UAT-10608 is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to exfiltrate credentials, secrets, and other system data. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/automated-credential-harvesting-campaign-react2shell
-
Singapore, US warn of latest Fortinet bug being exploited in wild
The Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Thursday to apply the hotfix. First seen on therecord.media Jump to article: therecord.media/singapore-us-warn-of-fortinet-bug-exploited
-
CISA orders feds to patch exploited Fortinet EMS flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-fortinet-flaw-exploited-in-attacks-by-friday/
-
CISA orders feds to patch exploited Fortinet EMS flaw by Friday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to secure FortiClient Enterprise Management Server (EMS) instances against an actively exploited vulnerability by Friday. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-fortinet-flaw-exploited-in-attacks-by-friday/
-
Critical flaw in FortiClient EMS under exploitation
Fortinet released an emergency hotfix after security researchers discovered the vulnerability being exploited as a zero-day. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-flaw-forticlient-ems-exploitation/816699/
-
‘Critical’ FortiClient EMS Vulnerability Exploited In Attacks
Fortinet disclosed that it has observed exploitation of a vulnerability in its FortiClient EMS (Enterprise Management Server) platform, prompting the release of an emergency patch. First seen on crn.com Jump to article: www.crn.com/news/security/2026/fortinet-critical-forticlient-ems-vulnerability-exploited-in-attacks
-
Attackers Exploit RCE Flaw as 14,000 F5 BIG-IP APM Instances Remain Exposed
Over 14,000 F5 BIG-IP APM instances remain exposed online, as attackers actively exploit a critical remote code execution flaw CVE-2025-53521. Over 14,000 F5 BIG-IP APM instances remain exposed online, with attackers actively exploiting the critical remote code execution vulnerability CVE-2025-53521 (CVSS ver. 3.1 score of 9.8), the nonprofit security organization Shadowserver warns. The vulnerability in BIG-IP…
-
CVE-2026-35616: FortiClient EMS Flaw Under Active Exploitation
A critical FortiClient EMS vulnerability (CVE-2026-35616) is under active exploitation, allowing unauthenticated attackers to bypass API protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cve-2026-35616-forticlient-ems-flaw-under-active-exploitation/
-
âš¡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there.One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster…
-
Authentication is broken: Here’s how security leaders can actually fix it
Tags: access, attack, authentication, backup, business, communications, control, credentials, cryptography, data, exploit, fido, firmware, Hardware, healthcare, identity, login, mfa, microsoft, okta, passkey, privacy, resilience, risk, soc, technology, update, windowsSector snapshots: Where it breaks (and why that matters): Healthcare. Clinicians need tap and go speed with zero tolerance for downtime. One large hospital attempted to pair advanced HID SEOS credentials, which use privacy-preserving randomized IDs, with a clinical SSO platform that expects static IDs for user recognition. This architectural mismatch forced a choice between…
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerabilityAbusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content.Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw
Fortinet issued emergency patches for a critical FortiClient EMS flaw (CVE-2026-35616) actively exploited in the wild. Fortinet released out-of-band patches for a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS 9.1), which is already being exploited in attacks in the wild. The flaw is an improper access control issue that allows attackers to bypass authentication…
-
2,000+ FortiClient EMS Instances Exposed Online as Attackers Exploit Active RCE Flaw
Tags: control, cve, cyber, cybersecurity, data-breach, exploit, flaw, fortinet, rce, remote-code-execution, threat, tool, vulnerabilityCybersecurity researchers have issued an urgent warning for organizations using Fortinet’s FortiClient Enterprise Management Server (EMS). Over 2,000 instances of this critical administrative tool are currently exposed to the public internet. Threat actors are actively exploiting severe vulnerabilities to take full control of these systems. These security gaps are tracked as CVE-2026-35616, which is a…
-
Google DeepMind Flags New Threat as Malicious Web Content Puts AI Agents at Risk
Tags: ai, cyber, cybersecurity, exploit, google, intelligence, malicious, risk, threat, vulnerabilityAs artificial intelligence evolves from simple chatbots to autonomous agents that actively browse the web, a new cybersecurity threat has emerged. Researchers at Google DeepMind have identified a critical vulnerability they call >>AI Agent Traps.<< These are adversarial web pages and digital environments specifically crafted to manipulate, deceive, or exploit visiting AI agents. AI agents…
-
New FortiClient EMS flaw exploited in attacks, emergency patch released
Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-fortinet-forticlient-ems-flaw-cve-2026-35616-exploited-in-attacks/
-
Hackers exploit React2Shell in automated credential theft campaign
Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-react2shell-in-automated-credential-theft-campaign/
-
Week in review: Axios npm supply chain compromise, critical FortiClient EMS bugs exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Financial groups lay out a plan to fight AI identity attacks Generative AI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/05/week-in-review-axios-npm-supply-chain-compromise-critical-forticlient-ems-bug-exploited/
-
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant.”Every package contains three files (package.json, index.js, postinstall.js), has no description, repository, First seen on thehackernews.com Jump…