• The Hacker News

Jul 18, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks expl ... Read more

• CybersecurityNews

A sophisticated malware campaign targeting Ivanti Connect Secure VPN devices has been actively exploiting critical vulnerabilities CVE-2025-0282 and CVE-2025-22457 since December 2024. The ongoing att ... Read more

• The Cyber Express

Japan’s cyber defenders have raised the red flag, once again, for a set of Ivanti Connect Secure vulnerabilities that continue to be exploited to present day, although a patch has been available for t ... Read more

• CybersecurityNews

A sophisticated cyber espionage campaign has emerged targeting Japanese organizations through critical vulnerabilities in Ivanti Connect Secure and FortiGate VPN devices. The attack campaign, observed ... Read more

• europa.eu

Cyber Brief (April 2025)May 2, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 311 open source reports for this Cyber Brief1.Policy, cooperation, and law enforcement. The FBI sought help to ide ... Read more

• Google Cloud

Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, ... Read more

• The Hacker News

Vulnerability / Network Security Cybersecurity researchers are warning about a new malware called DslogdRAT that's installed following the exploitation of a now-patched security flaw in Ivanti Connect ... Read more

• Cyber Security News

Recent attacks against Japanese organizations have revealed sophisticated hackers exploiting a zero-day vulnerability in Ivanti Connect Secure VPN appliances. The attacks, occurring around December 20 ... Read more

• The Cyber Express

A new wave of attacks targeting Ivanti Connect Secure VPN devices has revealed a stealthy malware strain known as DslogdRAT, deployed alongside a simple but effective Perl web shell. Security research ... Read more

• Cyber Security News

A significant increase in suspicious scanning activity targeting Ivanti Connect Secure (ICS) and Ivanti Pulse Secure (IPS) VPN systems, signaling a potential coordinated reconnaissance effort by threa ... Read more

• Google Cloud

One of the ways threat actors keep up with the constantly evolving cyber defense landscape is by raising the level of sophistication of their attacks. This trend can be seen across many of our engagem ... Read more

• The Cyber Express

On April 14, 2025, 4Chan, the infamous anonymous image board, experienced downtime due to unexplained outages that left users frustrated and speculating about the cause. While the exact reason for the ... Read more

• The Hacker News

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Lin ... Read more

• The Cyber Express

Australian organizations using Fortinet products are being urged to take immediate action following a new advisory highlighting the active exploitation of previously known vulnerabilities. The Austral ... Read more

• Daily CyberSecurity

A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN appliances. The report details how a China-nexus Advanced Persistent Threat (APT) grou ... Read more

• Cyber Security News

A China-linked advanced persistent threat (APT) group has exploited critical vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate organizations across 12 countries and 20 industries, ... Read more

• The Cyber Express

A new exploit, traced to a MorphoBlue vulnerability, has resulted in the theft of $2.6 million. The breach, which occurred on April 11, 2025, was first reported by PeckShieldAlert, highlighting a majo ... Read more

• Cyber Security News

A detailed technical analysis has been published regarding CVE-2025-22457, an unauthenticated remote code execution (RCE) vulnerability impacting several Ivanti products. The vulnerability was recentl ... Read more

• TheCyberThrone

The Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several critical vulnerabilities that are actively being expl ... Read more

• Cyber Security News

Over 5,113 Ivanti Connect Secure VPN appliances remain unpatched and vulnerable to the active exploitation of CVE-2025-22457, a critical stack-based buffer overflow vulnerability that enables remote c ... Read more

• The Cyber Express

Microsoft Patch Tuesday for April 2025 included fixes for 135 vulnerabilities in all, including one actively exploited zero-day and an additional 11 high-risk vulnerabilities. In all, Patch Tuesday Ap ... Read more

• The Cyber Express

The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161, is a ... Read more

• security.nl

Nederland telt allerlei organisaties waarvan de Ivanti-systemen een actief aangevallen kwetsbaarheid bevatten. Dat laat The Shadowserver Foundation weten, die wereldwijd meer dan 5100 kwetsbare system ... Read more

• Daily CyberSecurity

I. Executive SummaryThe reliance on Virtual Private Networks (VPNs) has grown significantly as organizations embrace remote work and individuals seek enhanced online privacy and security. However, thi ... Read more

• Daily CyberSecurity

A severe security vulnerability has been identified in BentoML, a Python library used for building online serving systems optimized for AI applications and model inference. The vulnerability, tracked ... Read more

• Daily CyberSecurity

A security vulnerability, identified as CVE-2025-3155, has been discovered in Yelp, the GNOME user help application that comes pre-installed on Ubuntu desktop. The vulnerability involves the way Yelp ... Read more

• The Cyber Express

On April 3, 2025, Ivanti disclosed an unauthenticated buffer overflow vulnerability tracked as CVE-2025-22457, affecting multiple Ivanti products. Australian organizations using Ivanti solutions such ... Read more

• security.nl

De Amerikaanse overheid adviseert wegens aanvallen organisaties die met software van Ivanti werken om een fabrieksreset uit te voeren. Ivanti kwam vorige week met een waarschuwing voor een actief aang ... Read more

• Daily CyberSecurity

MediaTek has released its April 2025 Product Security Bulletin, detailing a range of security vulnerabilities affecting its various chipsets. The bulletin covers vulnerabilities in chipsets used in sm ... Read more

• Cyber Security News

Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. Keeping updated is essential in the rapi ... Read more

• Daily CyberSecurity

In the past week, several significant cybersecurity incidents have made headlines – including high-impact data breaches, and newly discovered or exploited vulnerabilities. Below is a structured summar ... Read more

• Daily CyberSecurity

A security researcher has recently disclosed technical details and proof-of-concept (PoC) exploit code for a vulnerability in the Linux kernel’s Performance Events system component. This flaw, identif ... Read more

• Daily CyberSecurity

MinIO, a high-performance object storage server compatible with Amazon S3, has released a patch to address a critical security vulnerability. The vulnerability, tracked as CVE-2025-31489, involves inc ... Read more

• Daily CyberSecurity

A critical-severity vulnerability has been discovered in the Bitdefender GravityZone Console, posing a significant risk to affected systems. The flaw, tracked as CVE-2025-2244 (CVSSv4 9.5), is an inse ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are probing Palo Alto Networks GlobalProtect portals Cybersecurity company GreyNoise is warn ... Read more

• TheCyberThrone

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in Ivanti Connect Secure to its Known Exploited Vulnerabilities (KEV) Catalog. This vulnerability, identi ... Read more

• Cyber Security News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-22457, a critical vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA Gateways, to its Known Exploited Vu ... Read more

• Cyber Security News

Ivanti has disclosed a critical vulnerability, CVE-2025-22457, affecting its Connect Secure, Pulse Connect Secure, Ivanti Policy Secure, and ZTA Gateways products that are actively exploited in the wi ... Read more

• SentinelOne

The Good | DoJ Seize $8.2 Million in Cryptocurrency Linked to Romance Baiting Schemes The DoJ has seized over $8.2 million in USDT (Tether) cryptocurrency, all stolen through ‘romance baiting’ scams, ... Read more

• SentinelOne

The Good | DoJ Seize $8.2 Million in Cryptocurrency Linked to Romance Baiting Schemes The DoJ has seized over $8.2 million in USDT (Tether) cryptocurrency, all stolen through ‘romance baiting’ scams, ... Read more

• Cyber Security News

Security researchers have identified a critical vulnerability in Ivanti Connect Secure (ICS) VPN appliances that is being actively exploited by suspected Chinese threat actors. The vulnerability, trac ... Read more

• The Hacker News

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-2 ... Read more

• TheCyberThrone

UNC5221 is an advanced and highly sophisticated espionage group believed to have ties to China. This group has demonstrated significant expertise in targeting edge devices and exploiting critical vuln ... Read more

• Daily CyberSecurity

Cisco has released security advisories addressing vulnerabilities in its Enterprise Chat and Email (ECE) product and its Meraki MX and Z Series devices. These vulnerabilities could allow for denial-of ... Read more

• Dark Reading

Source: David Carillet via ShutterstockA likely China-nexus cyber-espionage group is actively exploiting a vulnerability in certain versions of Ivanti's Connect Secure, Policy Secure, and ZTA gateway ... Read more

• The Register

Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since mid-March. This is now at least the third time in three years these snoops have be ... Read more

• Help Net Security

A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7 ... Read more

• BleepingComputer

Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. ... Read more

• Daily CyberSecurity

Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products. The vulnerability impacts Ivanti Connect Secure (ICS) VPN ... Read more