A suspected South Asian cyber espionage threat group, Bitter, has targeted a Turkish defense sector using C++-malware tracked as WmRAT and MiyaRAT. This attack used data streams in a RAR archive to create a scheduled task on the target machine as part of a wider threat trend tracked by enterprise security provider, Proofpoint. The group’s previous targets have been in Asia and include China, Pakistan, India, Saudi Arabia, and Bangladesh.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is