This Scam Impersonates the Official Claude Code Website to Spread Malware

InstallFix delivers an infostealer to your device.

Fake enterprise VPN sites used to steal company credentials

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...
SecurityWeek

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA warns that a high-severity Ivanti Endpoint Manager vulnerability disclosed and patched last month has been exploited in attacks.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
PCMag on MSN

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.