Critical Ivanti Security Flaw Exploited by Chinese Hackers in the Wild
CISA reveals a severe remote code execution vulnerability affecting multiple Ivanti products, including Connect Secure and Policy Secure gateways. Security researchers link active exploitation to the Chinese cyber espionage group UNC5221, which uses sophisticated malware tools.
Chinese State Hackers Exploit Critical Ivanti Flaw to Deploy Advanced Malware
Security researchers reveal that the Chinese state-sponsored group UNC5221 is actively exploiting a critical Ivanti Connect Secure vulnerability to deploy the sophisticated TRAILBLAZE and BRUSHFIRE malware. The high-severity flaw enables remote code execution through a stack-based buffer overflow, prompting urgent patching recommendations.
RESURGE: Advanced Chinese Malware Targets Ivanti Security Products with Sophisticated Rootkit Features
A dangerous new malware called RESURGE has been discovered exploiting Ivanti Connect Secure devices through a critical vulnerability. The sophisticated attack tool, linked to Chinese cyber espionage groups, introduces advanced persistence capabilities including rootkits and web shells.