CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that has been exploiting zero-days in edge network appliances since at least 2023, EcleticIQ researchers have shared. Among the entities targeted in this campaign were: a local government authority and healthcare organizations in the UK; a research institute, … More
The post Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations appeared first on Help Net Security.
This article has been indexed from Help Net Security