And then they send victims to the legit VPN download to hide their tracks A group of cybercriminals tracked as Storm-2561 is using fake enterprise VPN clients from CheckPoint, Cisco, Fortinet, Ivanti, and other vendors to steal users' credentials, according to Microsoft.
Published: 2026-03-13T17:17:19