Hackers are exploiting a new Ivanti VPN security bug
Ongoing attacks on Ivanti VPNs install a ton of sneaky, well-written malware
PHASEJAM is a well-written and multifaceted bash shell script. It first installs a web shell that gives the remote hackers privileged control of devices. It then injects a function into the Connect Secure update mechanism that’s intended to simulate the upgrading process.
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called 'Dryhook' and 'Phasejam' that is not currently associated with any threat group.
Threat actors are once again lining up to exploit vulnerabilities in the widely used Ivanti product suite, with a link to Chinese espionage activity firmed up by Mandiant analysts.
Vulnerability revealed by Ivanti has been exploited by the same group that targeted Connect Secure from January 2024.
Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.
Security researchers at Mandiant are confident that Chinese hackers are behind an ongoing malware campaign exploiting a flaw ...
Researchers at Google Cloud-owned Mandiant say that the exploitation of a critical Ivanti Connect Secure vulnerability began ...
Radiant Capital has shared an important update on the Oct 16 incident in which Radiant Capital was targeted by a ...
The latest attacks come one year after a threat group exploited a pair of zero-days in the same Ivanti product.
Ivanti issues urgent alert on a new vulnerability found in their Connect Secure product, urging immediate action to mitigate ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback