And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, ...

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...

VPN plans look simple until you factor in renewals, bundles, seasonal promos and long-term commitments. Here’s how to understand the true cost of a VPN.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

proXPN is a Virtual Private Network (VPN) application designed to encrypt your internet connection and mask your real IP address, providing a layer of privacy and enabling access to geo-restricted ...

From Flycatcher Corp. Ltd v. Affable Avenue LLC, decided yesterday by Judge Katherine Polk Failla (S.D.N.Y.): Mr. Feldman was not dissuaded by Court orders or the threat of sanctions from filing ...

To be fair, I also forget why I exist sometimes. When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Security researchers have flagged a coordinated credential-based campaign targeting VPN authentication endpoints from Cisco and Palo Alto Networks. Over just two days in mid-December, attackers ...

A variety of Cisco security products have been under fire this month, thanks to two separate campaigns of very different natures. On Wednesday, Cisco revealed that a newly identified China-linked ...