• FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
• Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)
• Claude Code source leak exploited to spread malware
• New Phishing Platform Used in Credential Theft Campaigns Against C-Suite Execs
• Trivy supply chain attack enabled European Commission cloud breach
• Microsoft releases open-source toolkit to govern autonomous AI agents
• Which messaging app takes the most limited approach to permissions on Android?
• Click, wait, repeat: Digital trust erodes one login at a time
• New infosec products of the month: March 2026
• New 'Storm' Infostealer Remotely Decrypts Stolen Credentials
• NCSC Issues Security Alert Over Hackers Targeting WhatsApp and Signal Accounts
• Apple Expands iOS 18 Security Updates Amid DarkSword Threat
• Researchers Observe Sub-One-Hour Ransomware Attacks
• GitHub Used as Covert Channel in Multi-Stage Malware Campaign
• Most CNI Firms Face Up to £5m in Downtime from OT Attacks
• Google Introduces Android Dev Verification Amid Openness Debate
• New Venom Stealer MaaS Platform Automates Continuous Data Theft
• Chinese Hackers Target European Governments in Espionage Campaigns
• Eight in 10 UK Manufacturers Hit by Cyber Incident in a Year
• Hackers Hijack Axios npm Package to Spread RATs
• Maryland Man Charged Over $53m Uranium Finance Crypto Hack
• Phantom Project Bundles Infostealer, Crypter and RAT For Sale
• ChatGPT Security Issue Enabled Data Theft via Single Prompt

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time around, the confirmation of active exploitation came almost immediately from Fortinet, as well. “Fortinet has observed [CVE-2026-35616] to be exploited in the wild and urges vulnerable customers to install the hotfix for FortiClient EMS 7.4.5 and 7.4.6,” the company stated in a security advisory published on Saturday. About CVE-2026-35616 On Monday, Defused Cyber …