Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
SecurityWeek

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is relying on SEO poisoning to distribute fake VPN clients that install trojans and steal users’ credentials.

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since ...
CRN

Pulse Secure Urges Patch Deployment After VPN Server Passwords Leaked

The developer of secure access solutions said it estimates that 97 percent of customers have already applied the patch. Pulse Secure, a developer of secure access solutions, on Wednesday urged ...
Homeland Security Today

Continued Threat Actor Exploitation Post Pulse Secure VPN Patching

This Alert provides an update to Cybersecurity and Infrastructure Security Agency (CISA) Alert AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability, which advised organizations to ...