Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

2025-04-03 (Back to Inventory)

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Author(s): Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Organization: Mandiant

Open article directly

2025-04-24 ⋅ Mandiant ⋅ Mandiant
M-Trends 2025 Report
Akira Black Basta LockBit SystemBC GootLoader LockBit WIREFIRE Akira Black Basta Cobalt Strike LockBit RansomHub SystemBC Pink Sandstorm

2025-03-12 ⋅ Mandiant ⋅ Frank Tse, Jakub Jozwiak, Logeswaran Nadarajan, Lukasz Lamparski, Mathew Potaczek, Mustafa Nasser, Nick Harbour, Punsaen Boonyakarn, Shawn Chew
Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers
tsh

2024-10-24 ⋅ Mandiant ⋅ Foti Castelan, Gabby Roncone, Jared Wilson, JP Glab, Max Thauer, Tufail Ahmed
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
UNC5820

Propose Change Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Related Articles

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)