Summary: A critical vulnerability in Ivanti VPNs, CVE-2025-0282, has been exploited in the wild, with Nominet, the UK domain registry, identified as a victim. Despite the attacks, Nominet reports no evidence of data breaches or backdoors in their network.
Threat Actor: Chinese cyberspies | Chinese cyberspies
Victim: Nominet | Nominet
Key Point :
- Ivanti released patches for the critical zero-day vulnerability CVE-2025-0282.
- Nominet reported suspicious activity linked to the exploitation of Ivanti VPNs used by its staff.
- The UK government has urged organizations to address the vulnerability immediately.
- Shadowserver Foundation noted a significant drop in exposed Ivanti systems, but Censys reported over 12,000 potentially vulnerable instances still online.
Views: 1