Chinese hacker organization Mustang Panda, suspected of being state-sponsored, has carried out a major cyberattack impacting at least 170 countries, according to the FBI and the Justice Department. The group used malware called PlugX to gain access to thousands of computers globally. In response, the FBI has launched a multi-month law enforcement operation to combat the malware. The removal of the malware from infected devices is being spearheaded by French authorities.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is