Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon

Threat Level

45% Cybersecurity News 22 hours ago Part of cluster #1256

A sophisticated malware campaign targeting Ivanti Connect Secure VPN devices has been actively exploiting critical vulnerabilities CVE-2025-0282 and CVE-2025-22457 since December 2024. The ongoing attacks demonstrate advanced persistent threat techniques, deploying multiple malware families including MDifyLoader, Cobalt Strike Beacon, vshell, and Fscan to establish long-term access to compromised networks. The attack begins with threat actors […]...

Continue Reading on Original Site

Recommended Articles

Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

The Register Security 4 hours ago

Cyber-crime Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days Keep It Simple, Stupid InterviewScattered Spider and Iranian government-backed cyber u...

China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

Wired 1 hour ago

After reporting lastweek that the “raw” Jeffrey Epstein prison video posted by the FBIwas likely modified in at least some ways(though there is no evidence that the footage was deceptively manipulated...

New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers

Cybersecurity News 2 hours ago

A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST....

Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware

Cybersecurity News 36 minutes ago

A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this ongoing ...

New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users

Cybersecurity News 1 hour ago

A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents...

Threat Intelligence

APT Groups 1

Cobalt

Malware 3

Cobalt Strike Pay2Key Vshell

Attack Types 1

Advanced Persistent Threat

Business Intelligence

Technical Indicators

CVEs 2

CVE-2025-0282 CVE-2025-22457

Information

Article ID: #3804
Published: 22 hours ago
Source: Cybersecurity News

Recommended Articles

Ex-IDF cyber chief on Iran, Scattered Spider, and why social engineering worries him more than 0-days

China’s Salt Typhoon Hackers Breached the US National Guard for Nearly a Year

New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers

Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware

New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies