Cybersecurity firm Mandiant has discovered a zero-day vulnerability in Ivanti Connect Secure VPN appliances being exploited by a potential China-linked cyber-espionage group. With no clear attribution to a specific threat actor, the security flaw has been actively used since December 2024. The vulnerability enables attackers to execute remote code, move within networks and install persistent backdoors. Mandiant suggests that multiple threat actors might be involved and recommends affected users to execute a factory reset to mitigate risks.

Hackers are selling counterfeit phones with crypto-stealing malware
Kaspersky has identified thousands of low-cost Android smartphones sold online that come with preinstalled malware programmed to steal cryptocurrency details. The devices are infected with