Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
Bleeping Computer

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. The zero-day ...
Gizmodo

Cybercriminal Gang Just Leaked 500,000 Fortinet VPN Users’ Passwords

A hacker gang has allegedly collected and dumped a large trove of approximately 500,000 login credentials belonging to users of a popular VPN product from cybersecurity firm Fortinet. The threat actor ...
ZDNet

VPN users: If you're on Fortinet, Palo Alto, Pulse Secure, patch now, warns spy agency

If your employees are using virtual private networks (VPNs) from Fortinet, Palo Alto, or Pulse Secure, you really need to patch the products and search through system logs for signs of compromise. As ...
Lycoming College

Using a VPN (Virtual Private Network) Connection

VPN connections require Multi-factor authentication (MFA). If you have questions or need assistance, please contact it.servicecenter@lycoming.edu. Faculty, staff and students can use FortiClient to ...

FortiGate Edge Intrusions: Stolen Service Accounts Lead to Rogue Workstations and Deep AD Compromise

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...