And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

The malware is designed to steal the victim’s VPN login credentials. According to Microsoft, the attack uses search engine optimization (SEO) poisoning to push websites hosting the malicious VPN ...

Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s indiscriminately assailing networks with login attempts aimed at gaining unauthorized access to VPN, SSH, ...

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate ...

The Cisco Secure Client, used for off-campus access, establishes a secure Virtual Private Network (VPN) between your computer or mobile device and the campus network. This connection grants access to ...

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Cisco AnyConnect, the software used to connect to Eagle VPN, has been rebranded by Cisco to Cisco Secure Client. The new client has a slightly updated appearance and logo [Figure 1]. Starting Tuesday, ...