Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

VPN flaws allowed Chinese hackers to compromise dozens of Ivanti customers, says report

Chinese hackers allegedly broke into the network of an Ivanti subsidiary in 2021. The hackers exploited a backdoor in its VPN ...
Bleeping Computer

Latest Pulse Secure news

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by ...
WRAL

Suspected Chinese hackers exploited Pulse Secure VPN to compromise 'dozens' of agencies and ...

For months, hackers with suspected ties to China have exploited a popular workplace tool to break into government agencies, defense companies and financial institutions in the US and Europe, according ...
HHS

Pulse Connect Secure VPNs Still Under Attack

Two China-linked threat groups are still exploiting unpatched flaws in Ivanti's Pulse Connect Secure VPN products, using additional malware variants to support cyberespionage, FireEye's Mandiant ...