CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.
Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
ZDNet

VPN warning: REvil ransomware targets unpatched Pulse Secure VPN servers

A security researcher is urging organizations that use Pulse Secure VPN to patch now or face 'big game' ransomware attacks by criminals who can easily use the Shodan.io IoT search engine to identify ...