> TritonInfoSec News
Home / Mar 14, 2026 / Story
0
#6 BleepingComputer general March 13, 2026 at 13:23 UTC

Fake enterprise VPN downloads used to steal company credentials

By Bill Toulas

AI Summary

Storm-2561 threat actors distribute fake VPN clients impersonating Ivanti, Cisco, and Fortinet through SEO poisoning to steal enterprise credentials. Microsoft identified this campaign uses digitally signed trojans delivered via malicious ZIP files from attacker-controlled websites.

Read full article → https://www.bleepingcomputer.com/news/security/fak…

Relevance score: 80.0/100

# More from March 14

  1. 1
    Google fixes two new Chrome zero-days exploited in attacks BleepingComputer
  2. 2
    Authorities Disrupt SocksEscort Proxy Botnet Exploiting 369,000 IPs Across 163 Countries The Hacker News
  3. 3
    Police sinkholes 45,000 IP addresses in cybercrime crackdown BleepingComputer
  4. 4
    Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation The Hacker News
  5. 5
    Veeam warns of critical flaws exposing backup servers to RCE attacks BleepingComputer
  6. 7
    Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware The Hacker News
  7. 8
    Ransomware incident responder gave info to BlackCat cybercriminals during negotiations, DOJ alleges The Record
  8. 9
    Telus Digital confirms breach after hacker claims 1 petabyte data theft BleepingComputer
  9. 10
    AI-generated Slopoly malware used in Interlock ransomware attack BleepingComputer