The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In the meantime, UK domain registry Nominet became the first publicly known victim of attackers exploiting the recently patched Ivanti zero-day. CVE-2025-0282 zero-day attacks CVE-2025-0282 is a stack-based buffer overflow vulnerability that allowed unauthenticated attackers to breach VPN appliances used by a number of (still publicly … More
The post UK domain registry Nominet breached via Ivanti zero-day appeared first on Help Net Security.
