Ivanti has patched a critical security vulnerability, CVE-2025-22457, that could have allowed remote, unauthenticated attackers to execute arbitrary code on its Connect Secure product. The company also fixed several other vulnerabilities in its products. Google-owned Mandiant observed evidence of exploitation of CVE-2025-22457 in mid-March 2025, attributed to a China-nexus adversary, UNC5221. This marks the first time UNC5221 has been identified as exploiting a security flaw in Ivanti devices.
PipeMagic Trojan Exploits Windows CLFS Zero-Day Vulnerability to Deploy Ransomware
Microsoft reported a now-patched security flaw, CVE-2025-29824, in Windows’ Common Log File System that was exploited in select ransomware attacks against IT and real estate
.webp?w=0&resize=0,0&ssl=1 "CISA Warns of CrushFTP Authentication Bypass Vulnerability Exploited in Attacks")
.webp?w=0&resize=0,0&ssl=1 "AWS Systems Manager Plugin Vulnerability Let Attackers Execute Arbitrary Code")