Cybersecurity firm Mandiant has discovered a zero-day vulnerability in Ivanti Connect Secure VPN appliances being exploited by a potential China-linked cyber-espionage group. With no clear attribution to a specific threat actor, the security flaw has been actively used since December 2024. The vulnerability enables attackers to execute remote code, move within networks and install persistent backdoors. Mandiant suggests that multiple threat actors might be involved and recommends affected users to execute a factory reset to mitigate risks.

Edelson Lechtzin LLP Is Investigating Claims On Behalf Of Oracle Health Customers Whose Data May Have Been Compromised
National class action law firm Edelson Lechtzin LLP is investigating data privacy violations at Oracle Health. In February 2025, Oracle Health discovered a security breach