As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023.
« These families allow the threat actors to circumvent authentication and provide backdoor access to these devices, » Mandiant said in an
