FortiClient EMS bug CVE-2026-35616 now drops EKZ stealer as fake patch
Arctic Wolf says attackers are using the pre-auth FortiClient EMS flaw to push a previously undocumented infostealer disguised as a Fortinet endpoint update.
Stories tagged: #cisa-kev
Trend Micro Apex One CVE-2026-34926 exploited; CISA deadline June 4
Trend Micro patches a directory-traversal flaw in the Apex One server after observing in-the-wild exploitation. CISA orders federal agencies to remediate by June 4.