A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and Pulse Connect Secure. The vulnerability, which Ivanti has patched, allowed the attackers to execute code remotely. The attacks involved deploying two new malware families and using a modified version of Ivanti’s Integrity Checker Tool. Ivanti advised customers to upgrade their software and monitor for signs of compromise. Google released hashes of the malware to help identify potential breaches.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing