from randomname@scribe.disroot.org to technology@beehaw.org on 23 Apr 16:55
https://scribe.disroot.org/post/2539532
cross-posted from: scribe.disroot.org/post/2539529
Here is also a report.
China-nexus APT exploits Ivanti Connect Secure VPN vulnerability to infiltrate multiple entities, according to Cyber Security firm TeamT5.
The campaign, active since late March 2025, exploits the CVE-2025-0282 and CVE-2025-22457 vulnerabilities’ stack-based buffer overflow flaws, which have maximum CVSS (Common Vulnerability Scoring System) scores of 9.0, to deploy the SPAWNCHIMERA malware suite and establish network access.
The victim countries include Austria, Australia, France, Spain, Japan, South Korea, Netherlands, Singapore, Taiwan, the United Arab Emirates, the United Kingdom, and the United States.
Targeted industries include Automotive, Chemical, Conglomerate, Construction, Information Security, Education, Electronics, Financial Institution, Gambling, Government, Intergovernmental Organizations (IGO), Information Technology, Law Firm, Manufacturing, Materials, Media, Non-Governmental Organizations (NGOs), Research Institutes, Telecommunication.
…
threaded - newest