CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...