Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

Updated on July 18, 2025

Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances.
According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July…

Read the rest of the story at Read More

Source: The Hacker News

February 6, 2025 Uncategorized

The Evolving Role of PAM in Cybersecurit...

January 22, 2025 Uncategorized

President Trump Pardons Silk Road Creato...

July 30, 2024 Uncategorized

Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks

Related posts

The Evolving Role of PAM in Cybersecurit...

President Trump Pardons Silk Road Creato...

New Mandrake Spyware Found in Google Pla...

Leave a Comment Cancel reply

Recent News

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks

DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft

FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage

Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts

🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do