Highly-resourced hackers are actively exploiting a vulnerability (CVE-2025-0283) in Ivanti VPNs, enabling them to gain control over networked devices. The flaw allows the hackers to execute malicious code without authentication. Ivanti has released a security patch addressing the issue. The attackers are using sophisticated malware called PHASEJAM and DRYHOOK, which even simulate a convincing upgrade process. A third malware, SPAWNANT, disables Ivanti’s integrity checker tool for unauthorized file additions.

Anne Arundel government has made progress in securing systems since cyber incident, officials say – CBS News
Anne Arundel County government officials have reported making progress in securing systems following a cyber incident. Specific details of the incident were not provided, but