Ivanti EPMM holes let miscreants plant shady listeners, CISA says

CVE-2025-4427 is an authentication bypass vulnerability and CVE-2025-4428 is a post-authentication remote code execution (RCE ...
The Hacker News

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

BRICKSTORM was first documented by the tech giant last year in connection with the zero-day exploitation of Ivanti Connect ...
The Hacker News

CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

CISA details attackers exploiting Ivanti EPMM zero-days CVE-2025-4427/4428 in May 2025, enabling persistent remote code ...

Google warns China-linked spies lurking in 'numerous' enterprises

Unknown intruders – likely China-linked spies – have broken into "numerous" enterprise networks since March and deployed ...
GCN

CISA outlines malware tied to Ivanti flaws and publishes detection guidance

CISA releases detailed analysis of malware exploiting Ivanti EPMM vulnerabilities CVE-2025-4427 and CVE-2025-4428, providing ...