Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to ...
ZDNet

VPN warning: REvil ransomware targets unpatched Pulse Secure VPN servers

A security researcher is urging organizations that use Pulse Secure VPN to patch now or face 'big game' ransomware attacks by criminals who can easily use the Shodan.io IoT search engine to identify ...
Bleeping Computer

FBI Says State Actors Hacked US Govt Network With Pulse VPN Flaw

FBI said in a flash security alert that nation-state actors have breached the networks of a US municipal government and a US financial entity by exploiting a critical vulnerability affecting Pulse ...
ZDNet

Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs

To nobody's surprise, hacker groups have started exploiting vulnerabilities that have been made public earlier this month, taking advantage of public technical details and demo exploit code to launch ...
Wired

VPN Hacks Are a Slow-Motion Disaster

This year has seen no shortage of blockbuster hacks, from the SolarWinds supply chain meltdown to China’s blitz against Microsoft Exchange servers. It’s a lot. But the outsized focus on those hacking ...