Summary: Nominet, the .UK domain registry, confirmed a network breach via an Ivanti VPN zero-day vulnerability, although no evidence of data leakage has been found. The incident has been reported to authorities, and access to systems has been restricted as investigations continue.
Threat Actor: UNC5337
Victim: Nominet
Key Points:
- Nominet operates over 11 million domain names and runs the UK’s Protective Domain Name Service.
- The breach was linked to a critical Ivanti Connect Secure zero-day vulnerability (CVE-2025-0282).
- Cybersecurity firm Mandiant attributes the attack to a suspected China-linked espionage group.
- Over 3,600 Ivanti Connect Secure (ICS) appliances were exposed online before Ivanti released a patch.