New Attack Targeting Japanese Companies Exploiting Ivanti & Fortinet VPN Vulnerabilities

A sophisticated cyber espionage campaign has emerged targeting Japanese organizations through critical vulnerabilities in Ivanti Connect Secure and FortiGate VPN devices. The attack campaign, observed throughout fiscal year 2024, has primarily focused on manufacturing companies and government-related entities, with attackers exploiting CVE-2025-22457 in Ivanti systems and CVE-2024-55591 in FortiGate infrastructure. Thecampaignrepresents a significant escalation in targeted attacks against Japane...