Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw
CSO Online 07.04.2026 20:37
Hackers have been exploiting a critical vulnerability in FortiClient Endpoint Management Server (FortiClient EMS) since at least the end of March. Fortinet has published an advisory and released an emergency hotfix that can be applied to affected deployments until a patched version can be released.
The vulnerability, now tracked as CVE-2026-35616, allows unauthenticated attackers to remotely execute arbitrary code on FortiClient EMS, which organizations use to manage, monitor, provision, patch, quarantine, and monitor endpoint systems. The flaw is rated 9.1 (critical) in the Common Vulnerability Scoring System and was added by the US Cybersecurity and Infrastructure Security Agency (CISA) to its Know Exploited Vulnerabilities catalog on Monday.
Warnung aus UK: Russische Cyberkriminelle kapern Router zum Passwort-Klau
Heise Security 07.04.2026 19:17
Das britische Cybersicherheitszentrum NCSC meldet Cyberangriffe auf Internetrouter. Die Bande aus Russland ist auch mehrerer Attacken in Deutschland verdächtig.
Russische Staatshacker sollen beliebte Internetrouter infiltriert haben
Spiegel Online 07.04.2026 18:12
Das FBI, der Bundesnachrichtendienst und der Verfassungsschutz warnen Eigentümer von »TP-Link«-Routern und W-Lan-Verstärkern vor russischen Hackern. Weltweit sollen Tausende Geräte infiltriert worden sein.
Russia Hacked Routers to Steal Microsoft Office Tokens
Krebs Security 07.04.2026 17:02
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.
Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign
The Hacker News 07.04.2026 16:48
The Russia-linked threat actor known as APT28 (aka Forest Blizzard) has been linked to a new campaign that has compromised insecure MikroTik and TP-Link routers and modified their settings to turn them into malicious infrastructure under their control as part of a cyber espionage campaign since at least May 2025.
The large-scale exploitation campaign has been codenamed
„BlueHammer“: Zero-Day-Lücke in Windows verschafft erhöhte Rechte
Heise Security 07.04.2026 11:37
Windows weist eine Zero-Day-Lücke auf, durch die Angreifer ihre Rechte ausweiten können. Ein Patch steht noch nicht bereit.