Monday 06 July 2026 23:49:54 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

#EKZ infostealer


FortiClient EMS Bypassed, Then Turned Into a Credential-Theft Pipe

Published: 29 May 2026 02:04Category: Vulnerabilities & Patch ManagementGeo: North America / USAAuthor: SECURESPECTER

A critical access-control flaw in FortiClient EMS was used to push a fake Fortinet update, run scripts through trusted VPN workflows, and drop the EKZ infostealer on managed endpoints.