CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

New research has uncovered exploitation primitives in the .NET Framework that could be leveraged against enterprise-grade applications to achieve remote code execution. WatchTowr Labs, which has ...
Forbes

Amazon Confirms WorkSpaces Linux Client Authentication Issue

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Amazon Web Services has issued a security bulletin, ...
GitHub

Authentication Databricks

DBeaver is fully compatible with the Databricks OAuth and Personal Access Token (PAT) authentication methods, offering you secure ways to access your Databricks databases. Enter the required ...
GitHub

Feature Request: support client certificate authentication for PostgreSQL

What is the problem you are trying to solve with this feature? Support for client certificate authentication would allow homebox to connect to a PostgreSQL database with client certificates instead of ...
IEEE

A Secure Token-Based Approach for DHCP Client Authentication and Replay Attack Prevention

Abstract: Dynamic Host Configuration Protocol (DHCP) plays a crucial role for assigning IP address and other related parameters to clients. Due to lack of client authentication and anti reply ...
Cloud Security Alliance

MCP, OAuth 2.1, PKCE, and the Future of AI Authorization

How the MCP Authorization Spec reshapes security for LLM-powered autonomous agents. Agentic AI systems – where large language models (LLMs) power autonomous, goal-driven agents – are rapidly ...
InfoQ

Bun 1.2 Improves Node Compatibility and Adds Postgres Client

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
The Hacker News

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a ...