The year 2024 saw a surge in cyberattacks on US critical infrastructure, with attacks targeted at disrupting network devices and compromising SaaS systems. Some key attacks included the mass exploitation of Ivanti VPNs, a ransomware attack on UnitedHealth-owned Change Healthcare, and a series of attacks targeting Snowflake customers. The year also saw the targeting of network security devices and an increase in data theft and extortion threats. Nation-state threat actors, particularly from China, also increased their activities.
Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is
