Bleeping Computer

Pulse Secure VPN users can't login due to expired certificate

Users worldwide cannot connect to Pulse Secure VPN devices after a code signing certificate used to digitally sign and verify software components has expired. "As of today, staff are no longer ...
Bleeping Computer

Pulse Secure fixes VPN zero-day used to hack high-value targets

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt ...
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
Dark Reading

Widely Known Flaw in Pulse Secure VPN Being Used in Ransomware Attacks

VPN provider Pulse Secure on Monday urged customers to immediately apply a security patch if they have not yet done so. The company issued the patch last April to address a critical, remotely ...
Computer Weekly

Chinese APT exploits critical CVE in Pulse Secure VPN

Users of Pulse Secure VPN are being urged to patch a newly disclosed authentication bypass zero-day that enables an unauthenticated user to perform remote arbitrary file execution on the Pulse Secure ...
ZDNet

VPN warning: REvil ransomware targets unpatched Pulse Secure VPN servers

A security researcher is urging organizations that use Pulse Secure VPN to patch now or face 'big game' ransomware attacks by criminals who can easily use the Shodan.io IoT search engine to identify ...