Cybersecurity firm Mandiant has discovered a zero-day vulnerability in Ivanti Connect Secure VPN appliances being exploited by a potential China-linked cyber-espionage group. With no clear attribution to a specific threat actor, the security flaw has been actively used since December 2024. The vulnerability enables attackers to execute remote code, move within networks and install persistent backdoors. Mandiant suggests that multiple threat actors might be involved and recommends affected users to execute a factory reset to mitigate risks.

North Korean Hackers Use Fake U.S. Companies to Spread Malware in Crypto Industry: Report
North Korean hackers reportedly set up shell companies in the US to penetrate the crypto sector and target developers via fake job offers, according to