An updated version of the EagerBee backdoor malware is being used against ISPs and government entities in the Middle East, according to Kaspersky researchers. The new variant, which was previously deployed against Southeast Asian organizations, adds several advanced features to improve its stealth and evasion capabilities. Kaspersky attributes the malware to Chinese threat group CoughingDown, which has previously collaborated with other state-backed Chinese groups. EagerBee is designed to seamlessly integrate with normal system operations, making it difficult to identify and analyze.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is