Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon

Threat Level

46% GB Hackers 1 day ago Part of cluster #1256

Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware including MDifyLoader and Cobalt Strike Beacon. These attacks, observed from December 2024 through July 2025, build on prior incidents involving SPAWNCHIMERA and DslogdRAT, demonstrating persistent targeting of VPN appliances. Attackers leverage these flaws f...

Continue Reading on Original Site

Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon

Recommended Articles

Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers

New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users

2025-07-19 - Cluster AI Daily Threat Brief

Recommended Articles

Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers

New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users

2025-07-19 - Cluster AI Daily Threat Brief

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies