Pierluigi Paganini
September 26, 2025
China-linked actors used Brickstorm malware to spy on U.S. tech and legal firms, stealing data undetected for over a year, Google warns. Google Threat Intelligence Group (GTIG) observed the use of the Go-based backdoor BRICKSTORM to maintain persistence in U.S. organizations since March 2025. Targets include legal, Software as a Service (SaaS) providers, Business Process Outsourcers […]
Pierluigi Paganini
May 26, 2025
China-linked APT exploit Ivanti EPMM flaws to target critical sectors across Europe, North America, and Asia-Pacific, according to EclecticIQ. Researchers from EclecticIQ observed a China-linked APT group that chained two Ivanti EPMM flaws, tracked as CVE-2025-4427 and CVE-2025-4428, in attacks against organizations in Europe, North America, and Asia-Pacific. Below is the description of the flaws: […]
Pierluigi Paganini
April 03, 2025
Ivanti addressed a critical remote code execution flaw in Connect Secure, which has been exploited since at least mid-March 2025. Ivanti released security updates to address a critical Connect Secure remote code execution vulnerability tracked as CVE-2025-22457. The vulnerability has been exploited by a China-linked threat actor since at least mid-March 2025. Ivanti did not disclose […]
Malware / September 26, 2025
