CVE-2025-0282 is a vulnerability tracked across 6 threat clusters and 8 intelligence report mentions on ThreatCluster. First observed December 10, 2025; most recent activity June 18, 2026.
On April 3, 2025, Ivanti disclosed CVE-2025-22457, a critical buffer overflow vulnerability affecting Ivanti Connect Secure and other products. The vulnerability allows unauthenticated remote code execution, and…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
Google's Threat Intelligence Group tracked 90 zero-day vulnerabilities exploited in 2025, a rise from 78 in 2024. Less than half of these vulnerabilities were attributed to specific threat actors, with spyware vendors…
Ivanti has issued security updates for a critical vulnerability (CVE-2025-10573) in its Endpoint Manager (EPM) product. This flaw could allow remote, unauthenticated attackers to execute arbitrary JavaScript code,…
CISA has released updated findings on RESURGE, a malware implant exploiting CVE-2025-0282 to compromise Ivanti Connect Secure devices. This malware can remain undetected and utilize advanced evasion techniques for…
In early 2024, the US government issued an emergency order for all civilian federal agencies to disconnect the Connect Secure VPN software made by Ivanti Inc. due to a breach by Chinese hackers. The hackers infiltrated…