Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is ...

Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
ZDNet

VPN users: If you're on Fortinet, Palo Alto, Pulse Secure, patch now, warns spy agency

If your employees are using virtual private networks (VPNs) from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search through system logs for signs of compromise. As ...
腾讯网

VPN漏洞成为攻击组织的关键工具

VPN基础设施已成为网络犯罪分子和国家支持行为者的主要目标,这些系统中的漏洞成为了广泛组织攻击的入口。即使在公开多年后,关键的VPN漏洞仍然使威胁行为者能够以前所未有的规模窃取凭证并获得对企业网络的管理控制权。 VPN漏洞的持久威胁 尽管一些VPN ...
Threat Post

Thousands of Fortinet VPN Account Credentials Leaked

They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit. UPDATE: Subsequent reporting and disclosures ...
ZDNet

Critical security alert: If you haven't patched this old VPN vulnerability, assume your ...

Cyber criminals and nation-state cyber-espionage operations are actively scanning for unpatched vulnerabilities in Fortinet VPNs; organisations that use Fortigate firewalls on their network, and have ...