{"uuid": "fa96742a-9ab0-4e19-b40d-25ac70d1212c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-35616", "type": "seen", "source": "https://mastodon.social/ap/users/115426718704364579/statuses/116658691037013457", "content": "\ud83d\udcf0 Active Exploitation of Critical FortiClient EMS Flaw (CVE-2026-35616) Used to Deploy Credential Stealers\n\ud83d\udce2 ACTIVE EXPLOITATION: A critical FortiClient EMS flaw (CVE-2026-35616, CVSS 9.1) is being used to push credential stealers to all managed endpoints via PowerShell. Update to version 7.4.7 NOW. \ud83d\udee1\ufe0f #Fortinet #CyberAttack #PatchNow\n\ud83c\udf10 cyber[.]netsecops[.]io\n\ud83d\udd17 https://cyber.netsecops.io/articles/forticlient-ems-flaw-cve-2026-35616-actively-exploited/?utm_source=m\u2026", "creation_timestamp": "2026-05-29T15:59:19.766680Z"}