What to Do if You’re a Data Breach Victim (and You Probably Are)

Data incidents have become so common that you may be tempted to throw away notification letters. Don’t do that, experts say.
Berkman Klein Center

New Project Makes It Easier to Understand What’s Changing In the Fine Print of Your Favorite Apps

ASML’s Transparency Hub provides access to policy documents from hundreds of companies, giving users the ability to directly compare and track how policies change over time and understand how social ...

Fake enterprise VPN downloads used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
Hackaday

This Week In Security: Plenty Of Patches, Replacing Old Gear, And Phrack Calls For Papers

When Friday the Thirteenth and Patch Tuesday happen on the same week, we’re surely in for a good time. Anyone who maintains any sort of Microsoft ecosystem knows by now to brace for impact ...
CSO Online

Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.