Chinese hackers are believed to be exploiting a zero-day flaw in Ivanti VPN devices, according to Mandiant researchers. The malware campaign was initially disclosed by Google’s Mandiant security division and includes the SPAWNANT installer, SPAWNMOLE tunneller, and SPAWNSNAIL SSH backdoor. Mandiant expects the cyber espionage, conducted by UNC5337 and UNC5221, to continue across numerous countries and sectors.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to