UNC5221 Archives • Daily CyberSecurity

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Do Son September 26, 2025

Google Threat Intelligence Group (GTIG) and Mandiant Consulting have released new findings on BRICKSTORM, a backdoor malware...

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221 Ivanti EPMM RCE, China-nexus threat

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

Do Son May 23, 2025

A newly discovered zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) — CVE-2025-4428 — is being actively...

Check Point VPN vulnerability exploited in the wild Check Point VPN exploit CVE-2026-50751 zero-day Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

Do Son April 26, 2025

A newly published report by Yuma Masubuchi from the JPCERT Coordination Center (JPCERT/CC) has uncovered the deployment...

BRICKSTORM Backdoor Targets European Industries BRICKSTORM, Cyber Espionage

BRICKSTORM Backdoor Targets European Industries

Do Son April 16, 2025

In a recent technical expose, NVISO sheds light on BRICKSTORM, a stealthy espionage backdoor attributed to the...

Ivanti Zero-Day CVE-2025-22457 Exploit Details Released Ivanti CVE-2025-22457 Ivanti zero-day

Ivanti Zero-Day CVE-2025-22457 Exploit Details Released

Do Son April 11, 2025

Researchers at Rapid7 published technical details and proof-of-concept exploit code for a critical zero-day vulnerability in Ivanti...

CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware

Do Son April 3, 2025

Ivanti has recently disclosed a critical security vulnerability, identified as CVE-2025-22457, affecting several of its widely-used products....

Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

Do Son January 8, 2025

Ivanti Connect Secure (ICS) VPN appliances have become the focus of advanced threat actors, exploiting a newly...

China-Linked Hackers Target MITRE with ROOTROT Web Shell UNC5221 HAFNIUM Extradition PRC State Espionage

China-Linked Hackers Target MITRE with ROOTROT Web Shell

Do Son May 7, 2024

Researchers at the MITRE Corporation have unveiled disturbing details of a cyberattack attributed to a Chinese state-sponsored...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

UNC5221

BRICKSTORM Malware: China-Linked Hackers Stealthily Target US Tech and Legal Firms for 393 Days

Ivanti EPMM Under Attack: Zero-Day RCE Exploited by China-Linked Group UNC5221

DslogdRAT Malware Targets Ivanti Connect Secure via CVE-2025-0282 Zero-Day Exploit

BRICKSTORM Backdoor Targets European Industries

Ivanti Zero-Day CVE-2025-22457 Exploit Details Released

CVE-2025-22457: UNC5221 Exploits Ivanti Zero-Day Flaw to Deploy TRAILBLAZE and BRUSHFIRE Malware

Zero-Day Alert: UNC5337 Exploits Ivanti VPN Vulnerability CVE-2025-0282 for Espionage Operations

China-Linked Hackers Target MITRE with ROOTROT Web Shell