THREATOPS
THREAT OPSThreat News › Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities

Malware Identified in Attacks Exploiting Ivanti Connect Secure Vulnerabilities

lowjpcert_blogPublished 2025-07-18

<p>JPCERT/CC Eyes previously introduced the malware <a href="https://blogs.jpcert.or.jp/en/2025/02/spawnchimera.html" target="_blank">SPAWNCHIMERA</a> and <a href="https://blogs.jpcert.or.jp/en/2025/04/dslogdrat.html" target="_blank">DslogdRAT</a>, which were deployed by exploiting vulnerabilities in Ivanti Connect Secure. At JPCERT/CC, we have continued to observe active exploitation of these vul

MITRE ATT&CK techniques

Indicators of compromise

Original source: https://blogs.jpcert.or.jp/en/2025/07/ivanti_cs.html