Attackers Target Zero-Day Flaw in Fortinet Security Software

Monday, April 6, 2026 at 05:23 PM UTC·Source: Bank Info Security

Updated: Monday, April 6, 2026 at 05:23 PM UTC

Executive Summary

Analysis

Vendor Issues Hotfix for Critical Flaw in FortiClient Endpoint Management Server Fortinet's endpoint management security server software is under fire from attackers, who are actively targeting two critical flaws, including a fresh zero-day that facilitates unauthenticated remote code or command execution. The vendor has issued a hotfix and promised a full patch.

Indicators of Compromise (2)

URL (1)

https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/attackers-target-zero-day-flaw-in-fortinet-security-software-image_small-2-a-31344.jpg

VirusTotal URLhaus

Domain (1)

ismg-cdn.nyc3.cdn.digitaloceanspaces.com

VirusTotal URLhaus

Source Attribution

Originally published by Bank Info Security on Apr 6, 2026.

Related Threats

CRITICALZero Day

Fortinet customers confront actively exploited zero-day, with a full patch still pending

Two critical defects in FortiClient EMS have been exploited in the past couple weeks. Experts push for users to apply an immediate hotfix. The post Fortinet customers confront actively exploited zero-day, with a full patch still pending appeared first on CyberScoop .

2h agoCyberScoop

CRITICALZero Day

Fortinet Issues Emergency Patch for FortiClient Zero-Day

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

CVE-2026-35616

2h agoDark Reading

CRITICALZero DayPOC

Disgruntled researcher leaks “BlueHammer” Windows zero-day exploit

Exploit code has been released for an unpatched Windows privilege escalation flaw reported privately to Microsoft, allowing attackers to gain SYSTEM or elevated administrator permissions. [...]

3h agoBleepingComputer