SecurityWeek

Threat Actor Targeting VPN Users in New Credential Theft Campaign

Storm-2561 is relying on SEO poisoning to distribute fake VPN clients that install trojans and steal users’ credentials.

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.
TechRepublic

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions

Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions Your email has been sent A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes ...
IEEE

Continuous Authentication in IoT-based Smart Home Application: A Survey and a Design Framework Using Vector Similarity Search

Abstract: Consumer electronics (CE) in Internet of Things (IoT)-based smart home applications are rapidly growing and used as a daily life part. Authentication has been utilized for decades to secure ...