Chinese Hackers Exploit Ivanti EPMM Vulnerabilities to Target Global Enterprises

A group of hackers linked to China has exploited two recently patched vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software to target various sectors in Europe, North America, and the Asia-Pacific region. The vulnerabilities, identified as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), can be combined to execute arbitrary code on an affected system. These attacks are aimed at corporate networks on a global scale.