A China-linked cyberespionage group known as PlushDaemon has reportedly exploited the VPN service of South Korean provider IPany to spread malware and spy on users. ESET security research team discovered the malicious code that allowed the recording of audio and video, alongside the legitimate software in the Windows installer. The VPN software developer has since removed the corrupted installer from its website.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is