An unknown attacker has abused a couple of flaws in Ivanti Endpoint Manager Mobile (EPMM) and deployed two sets of malware against an unnamed organization, according to the US Cybersecurity and Infrastructure Security Agency.
While CISA doesn't attribute this compromise to a particular group, both of these flaws, CVE-2025-4427 and CVE-2025-4428, were exploited as zero-days before Ivanti disclosed and patched them on May 13. Soon after, private security researchers blamed suspected Chinese government spies for the intrusions.
CVE-2025-4427 is an authentication bypass vulnerability and CVE-2025-4428 is a post-authentication remote code execution (RCE) flaw. Chained together, they let an unauthenticated attacker run malware on vulnerable deployments and hijack them.
In a Thursday alert, CISA said the intrusion it inves