Credential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others

A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
GitHub

how-to-install-macos-client.md

The Global Secure Access client secures network traffic at the end-user device. This article describes how to download and install the macOS client. The Global Secure Access client, an essential ...
The Hacker News

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco on Thursday released security updates for a maximum-severity security flaw impacting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager, nearly a month ...
housedigest

Think Twice Before Installing A Home Security Camera Through Your Window

We may receive a commission on purchases made from links. Safety and security at home are very important, especially in areas with high crime rates. In the U.S., around 94 million households use some ...
Dark Reading

Cisco VPNs, Email Services Hit in Separate Threat Campaigns

A variety of Cisco security products have been under fire this month, thanks to two separate campaigns of very different natures. On Wednesday, Cisco revealed that a newly identified China-linked ...
Forbes

Cisco Secure Email Attacks: 0-Day Exploit Confirmed, No Fix Available

“There are no workarounds identified that directly mitigate the risk concerning this attack campaign,” is not what you want to read, having just been informed of a zero-day exploit concerning a Common ...
CSOonline

Cisco confirms zero-day exploitation of Secure Email products

The unpatched flaw affects AsyncOS-based Secure Email appliances, with Cisco investigating scope and urging rebuilds in confirmed compromise cases. Cisco has warned that a China-linked hacking group ...
TechRepublic

Chinese Hackers Target Cisco’s Email Security Systems

The Chinese threat group, tracked as UAT-9686, has deployed a collection of custom-built hacking tools to maintain persistent access to compromised systems. Image: Adobe Stock Cisco has dropped an ...
SiliconANGLE

Cisco expands secure-by-default strategy with new resilient infrastructure initiative

Cisco Systems Inc. is expanding its push into secure-by-default networking with a new initiative announced today. It’s aimed at eliminating insecure legacy features, hardening device configurations ...