A Chinese Advanced Persistent Threat (APT) group has successfully exploited critical vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate organizations across 12 countries and 20 industries, according to the Taiwanese cybersecurity firm TeamT5. The campaign, active since late March 2025, exploits the stack-based buffer overflow flaws CVE-2025-0282 and CVE-2025-22457, which have maximum CVSS (Common Vulnerability Scoring System) scores of 9.0, to deploy the SPAWNCHIMERA malware
cvss (3)
Vulnerability management comprises the entirety of workflows geared toward maintaining an up-to-date inventory of a company's digital assets, checking them for imperfections, and addressing the detected security loopholes. It revolves around the principle of monitoring and hardening the security condition of a corporate IT infrastructure continuously to ensure proactive defenses against different forms of exploitation.
There is a difference between the use of garden-variety vulnerability scanne
Activity Summary - Week Ending on 6 May 2022:
- Red Sky Alliance identified 43,915 connections from new IPs checking in with our Sinkholes
- msk.ru still #1 in Hits
- Analysts identified 1,442 new IP addresses participating in various Botnets
- CVSS
- Using Emulation
- BotenaGo Variant
- PyInstaller
- Inmarsat
- 5 Constant Malware Issues
Link to full report: IR-22-126-001_weekly126.pdf