Security News > 2025 > January > Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
2025-01-09 12:14
The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s still impossible to say whether they were mounted by a single threat actor, but the use of known malware on at least one of the compromised VPN appliances points to China-nexus espionage actor(s) – UNC5337 and UNC5221 – that have exploited ICS zero-days several times in the past few … More → The post Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) appeared first on Help Net Security.
News URL
Related news
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) (source)
- Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474) (source)
- Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308) (source)
- Microsoft fixes exploited zero-day (CVE-2024-49138) (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure (source)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Zero-Day Vulnerability in Ivanti VPN (source)