Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
Hosted on MSN

Fraudsters use fake stars to game Github, scam users

Millions of users of GitHub, the premier online platform for sharing open-source software, rely on stars to establish their software product's credibility. But new research from Carnegie Mellon ...
The Hacker News

Storm-2561 Spreads Trojan VPN Clients via SEO Poisoning to Steal Credentials

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.
Hosted on MSN

Fake startups target crypto users, infiltrating their wallets

Darktrace research reveals ongoing social engineering campaign targeting crypto users through fake startup companies. Scammers impersonate AI, gaming, and Web3 firms using spoofed social media ...

Microsoft warns about fake Java updates that force you to download malicious software

Microsoft would like to remind users about cyber criminals who attempt to take advantage of users who are aware of Java security alerts by creating fake virus alerts that force you to download ...