Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. "An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an
from The Hacker News https://ift.tt/P2o9srN
via Cyber Security
Cyber Security
$285 Million Drift Hack Traced to Six-Month DPRK Social Engineering Operation
Drift has revealed that the April 1, 2026, attack that led to the theft of $285 millio…