Ivanti has patched a critical security vulnerability, CVE-2025-22457, that could have allowed remote, unauthenticated attackers to execute arbitrary code on its Connect Secure product. The company also fixed several other vulnerabilities in its products. Google-owned Mandiant observed evidence of exploitation of CVE-2025-22457 in mid-March 2025; the activity has been attributed to a China-nexus adversary, UNC5221. This marks the first time UNC5221 has been identified as exploiting a security flaw in Ivanti devices.

LummaStealer Exploits Windows Utility to Run Remote Code Disguised as .mp4 File
The Cybereason Global Security Operations Center (GSOC) has reported on the LummaStealer malware’s advanced evasion techniques. The Russian-developed malware uses the Microsoft HTML Application Host