Focus Mode
Info Data Leak

UK domain registry Nominet confirms breach via Ivanti zero-day

BleepingComputer
UK domain registry Nominet confirms breach via Ivanti zero-day
Summary: Nominet, the .UK domain registry, confirmed a network breach via an Ivanti VPN zero-day vulnerability, although no evidence of data leakage has been found. The incident has been reported to authorities, and access to systems has been restricted as investigations continue.

Threat Actor: UNC5337 | UNC5337
Victim: Nominet | Nominet

Key Point :

  • Nominet operates over 11 million domain names and runs the UK’s Protective Domain Name Service.
  • The breach was linked to a critical Ivanti Connect Secure zero-day vulnerability (CVE-2025-0282).
  • Cybersecurity firm Mandiant attributes the attack to a suspected China-linked espionage group.
  • Over 3,600 ICS appliances were exposed online before a patch was released by Ivanti.

Source: https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/

Tags: VULNERABILITY, VPN, CHINA, PATCH, CVE, ZERO-DAY, CLOUD