Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

7 headlines in this view

Showing 7 most recent headlines Filtered view

Security Affairs 6 days, 12 hours ago

CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks

Threat actors are exploiting a critical FortiClient EMS flaw, tracked as CVE-2026-35616, to deploy malware on unpatched systems. Threat actors are exploiting a critical FortiClient EMS vulnerability, tracked as CVE-2026-35616 (CVSS score of 9.1), that allows remote code execution without authentication. Fortinet released fixes in April after confirming zero-day attacks in the wild and urged […]

More from Security Affairs 29 May 2026, 4:05 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication CVE Critical Flaw Fortinet Malware Patch Remote Code Execution Theft Threat Actor Vulnerability

The Hacker News 6 days, 13 hours ago

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer

More from The Hacker News 29 May 2026, 3:26 a.m. Incident · 10 stories Credentials Critical Exploit Flaw Fortinet Malware Patch Theft Threat Actor

Dark Reading 1 month, 4 weeks ago

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

More from Dark Reading 7 Apr 2026, 8:24 a.m. Incident · 10 stories Actively exploited CVE-2026-35616 0-Day Authentication Bypass CVE Flaw Fortinet Patch Vulnerability

The Register 1 month, 4 weeks ago

Attackers exploited this critical FortiClient EMS bug as a 0-day

CISA added the flaw to KEV after Fortinet confirmed exploitation in the wild Fortinet released an emergency patch over the weekend for a critical FortiClient Enterprise Management Server (EMS) bug believed to be under attack since at least March 31.…

More from The Register 7 Apr 2026, 6:14 a.m. Incident · 10 stories 0-Day CISA Critical Flaw Fortinet Patch

Bank Info Security 1 month, 4 weeks ago

Attackers Target Zero-Day Flaw in Fortinet Security Software

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management ServerFortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch.

More from Bank Info Security 7 Apr 2026, 5:00 a.m. Incident · 10 stories 0-Day Critical Flaw Fortinet Patch Unauthenticated Vendor

Bleeping Computer 1 month, 4 weeks ago

New FortiClient EMS flaw exploited in attacks, emergency patch released

Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. [...]

More from Bleeping Computer 6 Apr 2026, 6:45 a.m. Incident · 10 stories Critical Flaw Fortinet Patch Security Update Vulnerability

The Hacker News 1 month, 4 weeks ago

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild

More from The Hacker News 5 Apr 2026, 4:32 p.m. Incident · 10 stories Actively exploited CVE-2026-35616 API Authentication Bypass CVE Critical Flaw Fortinet Patch Privilege Escalation Vulnerability