Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch

In May 2026, Arctic Wolf observed a cluster of malicious activity affecting endpoints managed by FortiClient Endpoint Management Server (EMS). The malicious payload was disguised as a fake Fortinet endpoint patch, but it was actually a credential stealer. We named this payload EKZ Infostealer, based on internal symbol names extracted from decrypted code.

What Is Third-Party Risk Management (TPRM)?

Your security team has hardened your perimeter. You have MFA enforced, endpoint detection running, and your crown-jewel systems are locked down tight. Then a vendor you onboarded two years ago, a mid-size SaaS tool your procurement team signed off on, gets breached. They had access to your customer data. Now it is your problem. This is the third-party risk problem in one paragraph. And it is why TPRM has moved from a compliance checkbox to a board-level conversation.

NGINX Under Active Attack: CVE-2026-42945 and CVE-2026-9256 Put Your Infrastructure at Risk

NGINX administrators are facing back-to-back emergency patch cycles. Within days of each other, two critical heap buffer overflow vulnerabilities were disclosed in the same NGINX component, both capable of crashing worker processes and enabling remote code execution on systems without ASLR. If your organization runs NGINX in any capacity, these need immediate attention.

Best server backup solutions for MSPs in 2026

Server backup is one of the most important services managed service providers (MSPs) deliver. Clients rely on servers to run core applications, store critical data and keep daily operations moving. When a server fails, data is deleted or ransomware disrupts systems, clients expect their MSP to recover quickly. That makes the choice of an MSP server backup tool critical. The best server backup for MSPs is not just a utility that copies data.

AI Risk Is Not Uniform: The Case for Archetype-Aware Enterprise Security

Every conversation I have with security leaders about enterprise AI security eventually arrives at the same place: a description of what they've extended. Their data loss prevention tool now flags sensitive data going into prompts. Their SIEM is ingesting AI platform logs. Their cloud security team has added model endpoints to their coverage scope. For many teams, this represents real effort and real progress.

Your AI Agent Inventory Is Incomplete. Here's What That Means for Risk.

Download Beyond Identity: The CISO's Guide to Securing Agentic AI for a 12-month roadmap to comprehensive agent governance, starting with visibility. Some organizations still treat agentic AI as a future problem. Something to plan for. Something on the horizon. That framing is wrong, and the inaction it entails will put you behind.

How to Choose the Best Tech Stack to Support Your Sales Team

If your sales team is to win new clients and upsell to your existing client base, it needs all the support it can get. The current financial climate means that businesses are under more pressure than ever before to perform efficiently and deliver results at a time when companies have less money to spend. For B2B enterprises, this creates additional challenges that extend way beyond the normal barriers to attracting new clients and closing sales. So, finding additional ways to support your sales team is a must.

Understanding How Decision-Making Rights Are Assigned in Advance

Here's a truth most people learn the hard way: you don't think about who controls your future until that future is already unraveling. A sudden hospitalization. A business dispute. A cognitive decline nobody saw coming. By then, the window for calm, deliberate planning has closed, and what replaces it is stress, legal delays, and family conflict.

How Family-Focused Legal Services Help Protect Long-Term Stability

Families today are navigating a level of legal complexity that previous generations simply didn't face. Blended households. Digital assets. Aging parents who need care and protection. Custody arrangements that shift as kids grow. Any one of these challenges can unravel a family's stability if it isn't handled with care, and most families aren't prepared. That's not a criticism; it's just reality. The good news? Investing in family-focused legal services is one of the most meaningful decisions you can make for the people you love most.

Higher Education Spotlight: Sensitive Data Governance in Decentralized Environments

Higher education faces a unique challenge when it comes to managing sensitive data governance. Unlike a more centralized corporate environment, colleges and universities often operate across many semi-independent schools, departments, research groups, and administrative teams. Each may have its own systems, priorities, workflows, and level of security maturity. That structure is part of what makes higher education work. It supports research, academic flexibility, and departmental independence.