President Biden’s deputy national security advisor revealed that a cyber campaign has breached at least eight US telecommunications companies. The government is working to address the security threat and protect against further cyber attacks on critical infrastructure.

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese advanced persistent threat (APT) group exploited CVE-2025-22457, a previously unexploitable buffer overflow bug, to compromise devices running Ivanti Connect Secure (ICS) and