The U.S. Justice Department has removed malware from over 4,200 computers worldwide that was reportedly planted by hackers backed by China. The malware, known as “PlugX”, was placed by groups known as “Mustang Panda” and “Twill Typhoon,” and has reportedly been used since 2014 to target and steal data from computers globally.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is