Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
GitHub

SSH Tunnel Service — Reverse SSH Port Forwarding (Windows)

SSH Tunnel Service — Reverse SSH Port Forwarding (Windows) A Windows service implemented in C# that creates and maintains reverse SSH tunnels (remote port forwarding) from a reachable SSH server back ...

Critical 0-Click Microsoft Excel Security Bug Lets Copilot Steal Data

Excel users are warned to update now, as a critical vulnerability has been confirmed that can lead to “zero-click information ...

Windows 11 bug is rasing hell for users and Samsung laptops are worst hit

Microsoft has confirmed a Windows 11 bug that can block access to the C: drive on some PCs after a recent security update. The issue appears to affect Samsung laptops most severely, leaving users ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

FBI seeks victims of Steam games used to spread malware

The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing ...