Highly-resourced hackers are actively exploiting a vulnerability (CVE-2025-0283) in Ivanti VPNs, enabling them to gain control over networked devices. The flaw allows the hackers to execute malicious code without authentication. Ivanti has released a security patch addressing the issue. The attackers are using sophisticated malware called PHASEJAM and DRYHOOK, which even simulate a convincing upgrade process. A third malware, SPAWNANT, disables Ivanti’s integrity checker tool for unauthorized file additions.
Medusind Breach Exposes Sensitive Patient Data
US dental and medical billing company Medusind is notifying over 360,000 customers of a data breach from December 2023. Personal, financial, and medical data, including
