Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
TechSpot

New "Zombie ZIP" attack can evade most antivirus scanners

Is this a virus?: Classic ZIP bombs and other archive-based tricks have long given cybercriminals a convenient way to sneak malware onto unsuspecting systems. A newly documented technique claims to go ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.
AgWeb

Cash Grain Bids

Enter your zip code to find the cash bids and basis levels for the five elevators closest to you. This tool is independently contracted by Farm Journal.