Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Bleeping Computer

Fortinet VPN Client Exposes VPN Creds, Palo Alto Firewalls Allow Remote Attacks

It's been a bad week for two of the world's biggest vendors of enterprise hardware and software — Fortinet and Palo Alto Networks. Both companies fixed security issues this week affecting some of ...
腾讯网

Fortinet SSL VPN遭遇全球暴力破解浪潮

网络安全研究人员发出警告,针对Fortinet SSL VPN设备的暴力破解流量出现"显著激增"。据威胁情报公司GreyNoise观察,这场协同攻击活动始于2025年8月3日,参与攻击的独立IP地址超过780个。 攻击规模与目标分布 过去24小时内已检测到多达56个独立IP地址参与攻击,这些 ...
TechRadar

Update now — Fortinet Windows VPN hacked to steal user data

Researchers spot Chinese threat actor stealing login credentials from Fortinet VPN Thefts carried out with the help of a vulnerability discovered in 2023 The bug is yet to be addressed, or even ...