Nearly 3K Ivanti Connect Secure Instances at Risk
Approximately 2,850 Ivanti Connect Secure VPN instances remain vulnerable to CVE-2025-22467, a critical stack buffer-overflow flaw, according to Shadowserver Foundation.
Despite Ivanti patching the vulnerability on February 11, unpatched devices could allow remote authenticated attackers to execute code. The U.S. and Japan lead in exposure, with 852 and 384 vulnerable instances, respectively.
CyberUSA Pushes National Cybersecurity Agenda
CyberUSA has launched “7 Steps to Renew America’s Cyber Safety,” outlining key cybersecurity priorities for the new Trump administration.
The framework addresses national security, economic resilience, and individual protections in an evolving digital threat landscape. It aims to strengthen federal cybersecurity policy and reinforce national cyber defense.
3.9 Billion Passwords Exposed in Infostealer Malware Surge
Threat intelligence platform KELA reports a staggering 3.9 billion stolen credentials circulating on cybercrime forums, largely sourced from infostealer malware logs.
In 2024, infostealers like Lumma, StealC, and Redline compromised 4.3 million machines, siphoning credentials, cryptocurrency, and personal data. The surge highlights growing risks tied to credential theft and malware-as-a-service threats.
