AttackFeed by Joe Wagner | Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials  - The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials  – The Hacker News

Posted on By [email protected] (The Hacker News)
Attack Feeds

Microsoft has disclosed details of a credential theft campaign that employs fake virtual private network (VPN) clients distributed through search engine optimization (SEO) poisoning techniques.
“The campaign redirects users searching for legitimate enterprise software to malicious ZIP files on attacker-controlled websites to deploy digitally signed trojans that masquerade as trusted VPN clients  –

Read More  – The Hacker News 

You may also like

AttackFeed by Joe Wagner | Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation  - The Hacker News
Attack Feeds
Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation  – The Hacker News
March 13, 2026
AttackFeed by Joe Wagner | GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories  - The Hacker News
Attack Feeds
GitHub Investigating TeamPCP Claimed Breach of ~4,000 Internal Repositories  – The Hacker News
May 20, 2026
AttackFeed by Joe Wagner | CISA chief frets about open-source vulnerabilities, delayed security improvements  - CyberScoop
Attack Feeds
CISA chief frets about open-source vulnerabilities, delayed security improvements  – CyberScoop
May 21, 2026
AttackFeed by Joe Wagner | Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069  - The Hacker News
Attack Feeds
Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069  – The Hacker News
April 1, 2026