Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

2025-04-03 (Back to Inventory)

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Author(s): Jacob Thompson, John Wolfram, Josh Murchie, Matt Lin, Michael Edie
Organization: Mandiant

Open article directly

2025-08-26 ⋅ Google ⋅ Austin Larsen, Matt Lin, Omar ElAhdan, Tyler McLellan
Widespread Data Theft Targets Salesforce Instances via Salesloft Drift
UNC6395

2025-07-23 ⋅ Mandiant ⋅ Mandiant Incident Response
From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

2025-05-06 ⋅ Mandiant ⋅ Mandiant
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
BlackCat DragonForce RansomHub

Propose Change Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Related Articles

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)