Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...
SecurityWeek

How Pirated Software Turns Helpful Employees Into Malware Delivery Agents

Preventing of the consequence of cracked or pirated software focuses on user awareness training to recognize the threat.

Hackers Pose as IT Staff in Microsoft Teams to Install Malware

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy ...
Security Boulevard

A fake FileZilla site hosts a malicious download

A tampered copy of FileZilla quietly contacts attacker-controlled servers using encrypted DNS traffic that can slip past ...

Microsoft warns of new signed malware which deploys remote monitoring tools as backdoors

TrustConnect is back, this time used to deploy legitimate but weaponized RMM solutions.
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

GitHub-Store 1.6.0: Cross-platform app store for open source

The open-source app store GitHub-Store has been released in version 1.6.0. It brings better Linux support and many ...
Make Tech Easier

I Analyzed the Latest Windows ‘MaaS’ Scams — Here is What You Need to Know

Cybercriminals are now able to rent Malware-as-a-service and legally install malware on your PC. Learn how to identify these ...